Vanguard is PHP application, written in Laravel PHP framework, that allows website owners to quickly add and enable authentication, authorization and user management to their website. It is designed following latest security and code standards and it is ready for high availability websites. Although it is written in Laravel, it can be used to provide secure login, authentication, authorization and complete user management for any PHP powered website. Vanguard also comes with fully documented JSON API which allows you to easily authenticate users from your mobile (or any other) application.

It comes with almost three hundred automated tests (functional and unit), that cover all vital parts of the application and the API and ensures it’s maintainability and stability.

Version 7.0.0

Features Secure user registration and login Social Authentication using Facebook, Twitter and Google+ Password reset Two-Factor Authentication Remember Me feature on login Login with email or username Google reCAPTCHA on registration Authentication Throttling (lock user account after few incorrect login attempts) Interactive Dashboard Unlimited number of user roles Powerful admin panel Unlimited number of permissions Manage permissions from admin interface Assign permission to roles Easily check if user has permission to perform some action JSON API to build any kind of applications around Vanguard Super easy installation using installation wizard User Activity Log Avatar upload with crop feature Built using Bootstrap 4 Active Sessions Management (see and manage all your active sessions) Admins can impersonate users Full unicode support Client side and server side form validation Fully customisable from settings section Complete and detailed documentation Fully object oriented and commented PHP and JavaScript code. Localization support – Translate the application to any language (English, Serbian and German translations included) Runs on PHP 8.0.2+ Flexible Plugin System Security CSRF Protection – all forms include CSRF token Session Protection – highly secure Laravel session mechanism Highly secure one-way password hashing Server Requirements PHP >= 8.0.2 BCMath PHP Extension OpenSSL PHP Extension PDO PHP Extension Mbstring PHP Extension Tokenizer PHP Extension Ctype PHP Extension XML PHP Extension JSON PHP Extension GD PHP Extension Fileinfo PHP Extension Demo and Documentation Demo link: https://demo.vanguardapp.io Admin Credentials Username: admin Password: admin123 Documentation and Support: https://milos.support-hub.io/ Discount Notifications Subscribe to receive notifications about discounts and updates: https://vanguardapp.io/#subscribe Changelog

Check the docs for upgrade guide.

March 17, 2022 – Version 7.0.0 Added support for PHP 8.1 Upgraded to Laravel 9 Updated all third party packages to the latest stable versions August 12, 2021 – Version 6.1.0 Added support for PHP 8 Updated all third party packages to the latest stable versions Fixed invalidate session redirect issue Fixed german translation issues Fixed bg-color issue for switch components Fixed pagination styling issue Update `redirectIfAuthenticated` trait to respect the `to` parameter October 20, 2020 – Version 6.0.0 Upgraded to Laravel 8 Fixed api registration issue Fixed email confirmation routes Fix field type for 2FA phone number Fix impersonation route middlewares April 8, 2020 – Version 5.0.1 Fixed installation wizard April 5, 2020 – Version 5.0.0 Fixed custom login redirect issue Upgraded to Laravel 7 Switched to Laravel Sanctum for API authentication Replaced API transformers with Laravel's API Resources Changed API response format September 17, 2019 – Version 4.0.1 Fixed password reset email issue Fixed avatar upload issue Updated registration and email verification flow September 13, 2019 – Version 4.0.0 Added Plugin Support Upgraded to Laravel 6 April 1, 2019 – Version 3.2.1 Fix installation issue March 30, 2019 – Version 3.2.0 Upgraded to Laravel 5.8 Replaced deprecated Larvel str_ and array_ helper functions October 30, 2018 – Version 3.1.0 Upgraded to Laravel 5.7 Fixed issue with API when country_id field is null Fixed Notifications Settings update bug Improved Two-Factor Authentication by adding one more step for phone verification Added Impersonate feature June 14, 2018 – Version 3.0.1 Minor bug-fix release to address a few mostly UI related bugs. List of changed files available inside the upgrade guide. May 17, 2018 – Version 3.0.0 Complete frontend re-write with Bootstrap 4 Remove additional step for Twitter authentication since Twitter can provide an email now Update sizes of the avatars retreived during social authentication March 13, 2018 – Version 2.2.0 Upgrade to Laravel 5.6 Fix issue with Authy secret key and config caching Fix issues with registration history chart Fix installation issue on PHP 7.2 December 19, 2017 – Version 2.1.1 Added ability to configure dates format across the app Added automatic session invalidation and log out of the user if he is banned by the administrator Added device info on session list page Updated dashboard chart to display data in last 365 days (instead of for current year) Extracted model factories to different files (important for testing purposes only) Fixed autoload include issue for existing websites November 08, 2017 – Version 2.1.0 Upgrade Laravel to version 5.5 Fix glitch on User Acivity search September 14, 2017 – Version 2.0.2 Fix avatar update issue when admin is updating avatar for some other user Disable API authentication for banned and unconfirmed users Fix country update issue which occures on some MySQL versions August 25, 2017 – Version 2.0.1 Fix installation issues from previous version Update documentation August 23, 2017 – Version 2.0.0 Add fully tested JSON API Fix some minor glitches related to translation May 1, 2017 – Version 1.3.3 Fix incompatibility issues between laravel-jsvalidation package and Laravel Framework version 5.4.19+ Fix issue where country is set to null after user logs in April 12, 2017 – Version 1.3.2 Removed zizaco/entrust package and replaced with Vanguard's native mechanism for handling roles and permissions $user->can() method now use Laravel's default authorization mechanism. For checking if user has permission defined by Vanguard, you should use $user->hasPermission('...'). March 06, 2017 – Version 1.3.1 Fixed installation issue Fixed issue with FORCE_SSL February 18, 2017 – Version 1.3.0 Laravel 5.4 upgrade IMPORTANT: Fixed potential security issue with user avatar upload Fixed issue to don't allow banned users to log in via social networks Expanded and updated automated tests to cover all bugs and issues from above September 30, 2016 – Version 1.2.1 Fixed bug when creating/updating users from admin panel without selected country Fixed small typos on delete user confirmation popup September 27, 2016 – Version 1.2.0 Updated to Laravel 5.3 InnoDB is now forced storage engine for MySQL database Slightly improved design E-Mail templates updated (now using Laravel 5.3 Notifications feature) Fixed default country value Fixed n+1 problem for activity page (added missing eager loading) Fixed translation glitches Added IIS configuration file PHP 5.6.4 is now minimum PHP version required (Laravel 5.3 requirement) PHP XML extension is now requirement (Laravel 5.3 requirement) Updated and extended documentation Dropped support for HHVM, since Laravel 5.3 does not support it March 30, 2016 – Version 1.1.2 Add missing middleware to redirect user to install page if Vanguard is not installed March 29, 2016 – Version 1.1.1 Added German translation files Add translation for few missed strings Fix some small bugs March 15, 2016 – Version 1.1.0 Add localization support Use social network profile image as default avatar after social auth Fix problems with pagination while browsing search results for users and activities Handle missing email from non-twitter social provider February 18, 2016 – Version 1.0.4 Updated documentation Added option to allow redirect to custom page after login Disable access to login page for authenticated users February 4, 2016 – Version 1.0.3 Updated documentation Fixed css glitches Added more tests January 25, 2016 – Version 1.0.2 New design for error pages Updated installer to require Fileinfo extension January 22, 2016 – Version 1.0.1 Add missing configuration placeholder file January 21, 2016 – Version 1.0.0 First release