Jimbo Plugin

Jimbo Plugin is a system plugin that provides all essential functionalities for creating an admin panel within the Festi Framework. It includes authentication, settings management, routing, making it easy to build and manage administrative interfaces.

For install and update plugins use url:

/festi/install/

Settings

SETTING_KEY_NON_AUTH_EXCEPTION

The SETTING_KEY_NON_AUTH_EXCEPTION setting controls whether the plugin should throw an exception for unauthorized access attempts on non-auth URLs, rather than redirecting users to the login form.

$plugin->addSetting(JimboPlugin::SETTING_KEY_NON_AUTH_EXCEPTION, true);

URL Rules

Non-Auth URL Rule

The Non-Auth URL Rule allows specific URLs to be accessed without requiring user authentication. This is useful for public routes such as login, signup, password recovery, or API endpoints.

Adding Non-Auth URLs

You can directly add non-auth URLs by defining them within your plugin code.

$plugin = Core::getInstance()->getSystemPlugin('Jimbo');
$plugin->addNonAuthUrl('/custom/public/url/');

Adding Non-Auth URLs Using Events

To add non-auth URLs through an event, use the ConfigureRequestUrlRulesEvent. This method is ideal for setting non-auth routes during plugin initialization.

$this->addEventListener(
    ConfigureRequestUrlRulesEvent::EVENT_TYPE,
    function (ConfigureRequestUrlRulesEvent $event) {
        $event->addNonAuthUrl('/public/url/');
    }
);

Supporting Regular Expressions

You can also define non-auth URLs using regular expressions for more dynamic routing.

'#^/api/public/.*#'

Events

ConfigureRequestUrlRulesEvent

When you need to modify or add some rules for URL routing, you can use that event. Additionally, through that event, you are able to add a URL that will be accessible without authorization.

To use this event add init.php into your plugin directory.

  • addNonAuthUrl method to add URL to whitelist for non-authenticated actions, e.g. webhooks etc.
  • addUrlRule method to add new URL rule from code.
<?php

$this->addEventListener(
    ConfigureRequestUrlRulesEvent::EVENT_TYPE,
    function (ConfigureRequestUrlRulesEvent $event) {
        $event->addNonAuthUrl('/some/plugin/url/');

        $event->addUrlRule(' ~^/test/$~', 'Test', 'onDisplayTest');
    } 
);

RequestExceptionEvent

RequestExceptionEvent is dispatched when a permission exception is triggered.

ResponseErrorEvent

ResponseErrorEvent is dispatched when an exception occurs.

SignInErrorEvent

SignInErrorEvent is triggered when a user fails to sign in due to incorrect credentials, account restrictions, or other authentication errors. It allows handling failed login attempts, logging errors, or displaying custom messages.

SignInEvent

SignInEvent is triggered upon a successful user login. It allows executing additional actions like logging sign-ins, updating last login timestamps, or redirecting users to a specific page.

SignInRedirectEvent

SignInRedirectEvent is fired after a successful login but before redirecting the user. It enables customization of the redirection process, such as directing different user roles to specific pages.

SignOutEvent

SignOutEvent is triggered when a user logs out. It can be used to clear session data, log user activity, or perform other cleanup actions.