Overview

Health Manager provides a comprehensive user management system that allows administrators to create, manage, and delete user accounts. The system supports email-based user creation and invitation links for secure onboarding.

Admin Role Assignment

The first user registered in the system is automatically assigned the admin role. This ensures that there is always at least one administrator who can manage other users.
The admin role is automatically assigned during user creation through a boot method in the User model:
Source: app/Models/User.php:60-64
protected static function boot()
{
    parent::boot();
    
    static::creating(function ($user) {
        if (static::count() === 0) {
            $user->role = 'admin';
        }
    });
}
After the first user is created, all subsequent users will have the “user” role by default. Only admins can access administrative functions.

User Roles

Health Manager supports two user roles:
  • admin: Full access to all features, including user management and system configuration
  • user: Standard access to personal health data and features
The role is stored in the users table and can be checked using the isAdmin() method:
Source: app/Models/User.php:51-54
public function isAdmin(): bool
{
    return $this->role === 'admin';
}

Creating Users

Administrators can create new user accounts through the admin panel. The user creation process:
  1. Collects user information: Name and email address
  2. Generates credentials: Automatically creates a secure password and username
  3. Sends email notification: Credentials are emailed to the new user
Source: app/Livewire/Admin/UserManagement.php:22-55
Usernames are automatically generated from the email address:
  1. Extract the local part before the @ symbol
  2. Check if the username already exists
  3. If it exists, append a counter (e.g., john1, john2)
  4. Continue incrementing until a unique username is found
$baseNick = explode('@', $this->email)[0];
$nick = $baseNick;
$counter = 1;
while (User::where('username', $nick)->exists()) {
    $nick = $baseNick . $counter++;
}

Email Notifications

When a user is created, the system attempts to send an email with their credentials:
try {
    Mail::to($user->email)->send(new NewUserCredentials($user->email, $password));
    session()->flash('status', "User created and email sent to {$this->email}");
} catch (\Exception $e) {
    session()->flash('error', "User created, but email delivery failed. Password: $password");
}
If email delivery fails, the admin interface will display the generated password. Make sure to copy it and send it to the user through a secure channel.

Invitation Links

Administrators can generate invitation links that allow users to self-register:
Source: app/Livewire/Admin/UserManagement.php:71-85
  1. Admin generates an invite link from the user management panel
  2. System creates a unique token and stores it in the invitations table
  3. Link expires after 24 hours
  4. Users can register using the link before expiration
Invitation tokens are 40-character random strings, which makes them impractical to guess.
  • Token length: 40 characters (random alphanumeric)
  • Default role: “user”
  • Expiration: 24 hours from creation
  • Single use: Token is marked as used after registration
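The invitation lifecycle listed above, as an added example that is not Health Manager's code: redemption is a single conditional UPDATE, so the expiry and single-use checks cannot be separated by a concurrent registration with the same link. Assumptions: plain PDO with the pdo_sqlite extension and an in-memory table stand in for the invitations table, timestamps are Unix seconds, and the function names and hex token encoding are illustrative.

```php
<?php
declare(strict_types=1);

// Added example, not Health Manager code: PDO + in-memory SQLite stand in for
// the invitations table; function names and hex token encoding are assumptions.
function makeDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("CREATE TABLE invitations (
        id INTEGER PRIMARY KEY,
        token TEXT NOT NULL UNIQUE,
        role TEXT NOT NULL DEFAULT 'user',
        expires_at INTEGER NOT NULL,
        used_at INTEGER
    )");
    return $db;
}

function createInvitation(PDO $db, int $now): string
{
    $token = bin2hex(random_bytes(20)); // 40 characters from the CSPRNG
    $db->prepare('INSERT INTO invitations (token, expires_at) VALUES (?, ?)')
       ->execute([$token, $now + 86400]); // expires 24 hours after creation
    return $token;
}

// Returns the role to assign, or null if the token is unknown, expired or used.
function redeemInvitation(PDO $db, string $token, int $now): ?string
{
    // One conditional UPDATE claims the token: of two concurrent registrations
    // with the same link, only one can change the row.
    $claim = $db->prepare('UPDATE invitations SET used_at = ?
        WHERE token = ? AND used_at IS NULL AND expires_at > ?');
    $claim->execute([$now, $token, $now]);
    if ($claim->rowCount() !== 1) {
        return null;
    }
    $role = $db->prepare('SELECT role FROM invitations WHERE token = ?');
    $role->execute([$token]);
    return (string) $role->fetchColumn();
}

$db = makeDb();
$t0 = 1700000000; // constructed timestamp
$link = createInvitation($db, $t0);
var_dump(redeemInvitation($db, $link, $t0 + 3600));  // first use, inside 24 h
var_dump(redeemInvitation($db, $link, $t0 + 3700));  // same token again
var_dump(redeemInvitation($db, createInvitation($db, $t0), $t0 + 86401)); // past expiry
```

The user account should be created in the same transaction as the claim, so a failed registration does not burn the token.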

Deleting Users

Administrators can delete user accounts with the following restrictions:
Administrators cannot delete their own account. This prevents accidental lockout from the system.
Source: app/Livewire/Admin/UserManagement.php:57-62
public function deleteUser($id)
{
    if ($id === auth()->id()) return;
    
    User::find($id)?->delete();
}
When a user is deleted:
  • All associated health data is removed (cascade delete)
  • All permission relationships are removed
  • The user’s authentication sessions are invalidated
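The self-delete check above compares with ===, so it matches only when $id and auth()->id() have the same type, while the lookup that follows accepts either. An added example, not Health Manager's code, with an array standing in for the users table and hypothetical function names, comparing that check with one that normalizes the id first:

```php
<?php
declare(strict_types=1);

// Added example, not Health Manager code. The array stands in for the users
// table; deleteStrict() mirrors the page's comparison, deleteNormalized() is a
// hypothetical hardened variant.

function deleteStrict(array &$users, mixed $id, int $authId): void
{
    if ($id === $authId) return;   // same check as deleteUser()
    unset($users[(int) $id]);      // the lookup itself is type-tolerant
}

function deleteNormalized(array &$users, mixed $id, int $authId): void
{
    // Reject anything that is not an integer, then compare like with like.
    $parsed = filter_var($id, FILTER_VALIDATE_INT);
    if ($parsed === false || $parsed === $authId) return;
    unset($users[$parsed]);
}

$authId = 1; // constructed: id of the signed-in admin
foreach (['deleteStrict', 'deleteNormalized'] as $fn) {
    $users = [1 => 'admin', 2 => 'alice']; // constructed rows
    $fn($users, '1', $authId);             // id delivered as a numeric string
    printf("%s: admin row %s\n", $fn, isset($users[1]) ? 'kept' : 'deleted');
}
```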

Access Control

Only users with the admin role can access user management features. This is enforced through the EnsureUserIsAdmin middleware:
Source: app/Http/Middleware/EnsureUserIsAdmin.php:16-22
if (!auth()->check() || !auth()->user()->isAdmin()) {
    abort(403, 'Access denied. Admins only.');
}
If a non-admin user attempts to access admin routes, they will receive a 403 Forbidden error.

Best Practices

  1. Regular audits: Periodically review user accounts and remove inactive users
  2. Secure communication: If email delivery fails, use secure channels to share credentials
  3. Monitor invitations: Check for expired invitation links and remove them
  4. Role assignment: Only grant admin privileges to trusted users
  5. Account cleanup: Remove test accounts and temporary users promptly

Database Schema

The user management system uses the following tables:

Users Table

users
  - id: Primary key
  - name: User's full name
  - email: Email address (unique)
  - username: Username (unique)
  - password: Hashed password
  - role: 'admin' or 'user' (default: 'user')
  - created_at, updated_at: Timestamps

Invitations Table

invitations
  - id: Primary key
  - token: 64-character unique token
  - role: Role to assign (default: 'user')
  - expires_at: Expiration timestamp
  - used_at: Timestamp when used (nullable)
  - created_at, updated_at: Timestamps