👥Impersonation

Admins can sign in as any user

In version 1.6 (pull request) we added the ability for admins to impersonate normal users.

This adds two routes:

post "/impersonate", UserImpersonationController, :create
delete "/impersonate", UserImpersonationController, :delete

Clicking the "Impersonate" button will perform a POST request to the above route, including the user_id of the user to be impersonated. We store the current_admin_id in the session, and sign in the admin as that user.

Once the admin has finished, the sign out button will be replaced with an "Exit impersonation" button.

This button will hit the :delete action route, which looks for current_admin_id in the session and uses it to sign in to the admin user again.

Turn off impersonation

You can toggle impersonation on/off easily in config.exs:

config :petal_pro,
  impersonation_enabled?: false

PreviousImage uploads NextBackground Tasks and Jobs

Was this helpful?