The Platform Settings panel allows administrators to configure global settings that affect all users on the Discord Webhook Manager platform.
Access Settings Platform settings are embedded in the admin dashboard at /admin. You can view and update settings directly from the dashboard interface.
Admin Only : All settings require admin role and password confirmation. Changes affect all users immediately.
Available Settings The platform provides several categories of settings:
Authentication Settings Control user authentication and account management:
Registration Enabled Type : BooleanDefault : trueControls whether new users can register accounts on the platform.
Password Reset Enabled Type : BooleanDefault : trueControls whether users can reset their passwords via email.
Use Case : Disable registration when you want a closed platform. Disable password reset if you manage passwords through an external system.
AI Integration Settings Configure artificial intelligence features for content generation:
AI Provider Type : String (openai or gemini)Default : openaiSelects which AI provider to use for content generation. Supported Providers :
openai - OpenAI GPT modelsgemini - Google Gemini models
OpenAI API Key Type : String (optional)Default : EmptyAPI key for OpenAI integration. Required if AI provider is set to openai.
Gemini API Key Type : String (optional)Default : EmptyAPI key for Google Gemini integration. Required if AI provider is set to gemini.
AI Daily Limit Type : Integer (minimum: 1)Default : 5Maximum number of AI generations per user per day. Admins have unlimited usage.
Retrieving Settings Settings are stored in the settings table and retrieved through the Setting model:
Basic Retrieval From Setting.php:15-26:
public static function get ( string $key , $default = null ) { return Cache :: remember ( "setting.{ $key }" , 3600 , function () use ( $key , $default ) { $setting = self :: where ( 'key' , $key ) -> first (); if ( ! $setting ) { return $default ; } return self :: castValue ( $setting -> value , $setting -> type ); }); }
Settings are cached for 1 hour (3600 seconds) for performance. The cache is automatically cleared when settings are updated.
Helper Methods The Setting model provides convenient helper methods:
// Check if registration is enabled Setting :: isRegistrationEnabled (); // returns boolean // Check if password reset is enabled Setting :: isPasswordResetEnabled (); // returns boolean // Get AI provider $provider = Setting :: get ( 'ai_provider' , 'openai' ); // Get AI daily limit $limit = Setting :: get ( 'ai_daily_limit' , 5 );
Updating Settings Settings can be updated through the admin dashboard or programmatically:
Admin Dashboard Update The settings form submits to /admin/settings (POST).
From web.php:136-161:
Route :: post ( 'admin/settings' , function ( \Illuminate\Http\ Request $request ) { $request -> validate ([ 'registration_enabled' => 'required|boolean' , 'password_reset_enabled' => 'required|boolean' , 'ai_provider' => 'required|string|in:openai,gemini' , 'openai_api_key' => 'nullable|string' , 'gemini_api_key' => 'nullable|string' , 'ai_daily_limit' => 'required|integer|min:1' , ]); Setting :: set ( 'registration_enabled' , $request -> registration_enabled , 'boolean' ); Setting :: set ( 'password_reset_enabled' , $request -> password_reset_enabled , 'boolean' ); Setting :: set ( 'ai_provider' , $request -> ai_provider , 'string' ); if ( $request -> filled ( 'openai_api_key' )) { Setting :: set ( 'openai_api_key' , $request -> openai_api_key , 'string' ); } if ( $request -> filled ( 'gemini_api_key' )) { Setting :: set ( 'gemini_api_key' , $request -> gemini_api_key , 'string' ); } Setting :: set ( 'ai_daily_limit' , $request -> ai_daily_limit , 'integer' ); return redirect () -> back () -> with ( 'success' , 'Settings updated successfully.' ); }) -> name ( 'admin.settings.update' );
Programmatic Update From Setting.php:31-41:
public static function set ( string $key , $value , string $type = 'string' ) : void { $stringValue = is_bool ( $value ) ? ( $value ? '1' : '0' ) : ( string ) $value ; self :: updateOrCreate ( [ 'key' => $key ], [ 'value' => $stringValue , 'type' => $type ] ); Cache :: forget ( "setting.{ $key }" ); }
Validate Input
Ensure the value matches the expected type and constraints
Update or Create
Uses updateOrCreate to insert new settings or update existing ones
Clear Cache
Automatically clears the cached value for immediate effect
Setting Types and Casting Settings are stored as strings but automatically cast to the correct type:
From Setting.php:62-71:
private static function castValue ( $value , string $type ) { return match ( $type ) { 'boolean' => ( bool ) $value , 'integer' => ( int ) $value , 'float' => ( float ) $value , 'json' => json_decode ( $value , true ), default => $value , }; }
Supported Types
boolean : Cast to true/falseinteger : Cast to integerfloat : Cast to floating point numberjson : Parsed from JSON string to arraystring : Returned as-is (default)
AI Settings Deep Dive How AI Integration Works
User Requests Generation
User clicks AI generation button in message editor
Permission Check
System verifies user has can_use_ai flag enabled
Daily Limit Check
For non-admins, verify they haven’t exceeded daily limit
Provider Selection
System uses configured AI provider from settings
API Call
Request sent to OpenAI or Gemini API
Usage Recording
For non-admins, usage is recorded in ai_usages table
AI Usage Enforcement From AiController.php:26-38:
if ( ! $user -> isAdmin ()) { $dailyLimit = \App\Models\ Setting :: get ( 'ai_daily_limit' , 5 ); $usageCount = \App\Models\ AiUsage :: where ( 'user_id' , $user -> id ) -> whereDate ( 'created_at' , now () -> today ()) -> count (); if ( $usageCount >= $dailyLimit ) { return response () -> json ([ 'success' => false , 'message' => 'Has alcanzado el límite diario de uso de la IA' ], 429 ); } }
API Key Security : API keys are stored in plain text in the database. Ensure your database is properly secured and backed up. Consider encrypting sensitive settings in production.
AI Provider Configuration Requirements :
Valid OpenAI API key
Access to GPT models
Set ai_provider to openai
Configuration :Setting :: set ( 'ai_provider' , 'openai' , 'string' ); Setting :: set ( 'openai_api_key' , 'sk-...' , 'string' );
Model Used : GPT-4 or GPT-3.5-turbo (configured in AiService)Requirements :
Valid Google Cloud API key
Gemini API access enabled
Set ai_provider to gemini
Configuration :Setting :: set ( 'ai_provider' , 'gemini' , 'string' ); Setting :: set ( 'gemini_api_key' , 'AIza...' , 'string' );
Model Used : Gemini Pro (configured in AiService)Authentication Settings Deep Dive Registration Control When registration is disabled:
Registration form is hidden from the welcome page
Registration routes return errors
Invitation system continues to work for admins
// From web.php:13 'canRegister' => Features :: enabled ( Features :: registration ()),
The registration setting integrates with Laravel Fortify’s features system.
Password Reset Control When password reset is disabled:
“Forgot Password” link is hidden
Password reset routes return errors
Admins can still change passwords in user management
External Authentication : If you use external authentication (OAuth, SSO, LDAP), you may want to disable both registration and password reset features.
Database Schema Settings are stored in the settings table:
CREATE TABLE settings ( id BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY , key VARCHAR ( 255 ) NOT NULL UNIQUE , value TEXT NOT NULL , type VARCHAR ( 50 ) NOT NULL DEFAULT 'string' , created_at TIMESTAMP NULL , updated_at TIMESTAMP NULL );
Example Records INSERT INTO settings ( key , value , type ) VALUES ( 'registration_enabled' , '1' , 'boolean' ), ( 'password_reset_enabled' , '1' , 'boolean' ), ( 'ai_provider' , 'openai' , 'string' ), ( 'ai_daily_limit' , '5' , 'integer' );
Cache Management Settings are cached for performance but can be manually cleared:
// Clear all settings cache Setting :: clearCache (); // Clear specific setting cache Cache :: forget ( 'setting.ai_provider' );
From Setting.php:76-83:
public static function clearCache () : void { $settings = self :: all (); foreach ( $settings as $setting ) { Cache :: forget ( "setting.{ $setting -> key }" ); } }
Cache is automatically cleared when settings are updated via Setting::set(). Manual clearing is only needed for debugging or after direct database modifications.
Best Practices
Backup Before Changes
Always backup settings before making significant changes, especially API keys
Test AI Integration
After updating AI settings, test with a non-admin account to verify limits work
Monitor API Usage
Keep track of AI API usage to manage costs and set appropriate daily limits
Document Changes
Keep a log of setting changes for audit purposes
Communicate to Users
Inform users when you disable registration or change AI limits
Security Considerations API Key Protection :
Never commit API keys to version control
Rotate keys periodically
Use environment variables for additional security layer
Monitor API usage for unauthorized access
Implement IP restrictions if your AI provider supports it
Recommended Security Measures
Encrypt API Keys : Consider using Laravel’s encryption for sensitive settingsAudit Logging : Log all setting changes with admin user informationRate Limiting : AI generation route already has throttling (throttle:10,1)Regular Reviews : Periodically review AI usage patterns and adjust limits
Troubleshooting
Settings not taking effect
Check:
Cache has been cleared (php artisan cache:clear)
Database record was actually updated
No environment variables overriding settings
Verify:
API key is valid and active
AI provider setting matches the key provided
User has can_use_ai enabled
User hasn’t exceeded daily limit
API provider service is operational
Ensure:
You’re logged in as admin
Password was recently confirmed
Form validation is passing
Database connection is working
User Management Manage AI permissions for individual users
AI Tools Learn about AI content generation features
Dashboard Return to admin dashboard overview
