Easily integrate legal documents (like privacy policies, terms of use, etc.) to your application.
You can install the package via composer:
composer require dedecube/laravel-legal-consentYou can publish and run the migrations with:
php artisan vendor:publish --tag="legal-consent-migrations"
php artisan migrateYou can publish the config file with:
php artisan vendor:publish --tag="legal-consent-config"To use the package, add the Dedecube\LegalConsent\HasLegalConsent trait to the all Authenticatable models you want to handle.
Here's an example including the HasLegalConsent trait to User :
<?php
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Dedecube\LegalConsent\HasLegalConsent;
class User extends Authenticatable
{
use HasLegalConsent;
//
}Once done, you must define the list of allowed document types by adding them in the allowed_document_types list from config/legal-consent.php.
'allowed_document_types' => [
'privacy-policy',
'terms-of-use',
],You can then create one or multiple documents from the DB or, if you wish, you could handle the creation with a CMS.
Here are the fields who should be filled:
- type: the document type name
- body: the content of the document
- noted: additional notes to show for the document
- published_at: the date of publication for the given document
Let's say we create a privacy policy document with the publication on 2021-01-01: here's the model entity we would have:
$legalDocument = [
"id" => 1,
"type" => "privacy-policy",
"body" => "The privacy policy's very long text",
"notes" => "",
"published_at" => "2021-01-01",
"updated_at" => "2021-01-01",
"created_at" => "2021-01-01",
];You can now call the custom API to retrieve and accept the current document, which can be customized in config/legal-consent.php:
This endpoint retrieves the current legal document using the given criteria:
- the document type must be
privacy-policy - the published_at date must be earlier than
now()
The document entries are then ordered by their published_at date in order to pick the latest one published.
The response contains the document id (used for the POST route) along with all its information useful for rendering. Here is a sample response body:
{
"data": {
"id": 1,
"type": "privacy-policy",
"body": "The privacy policy's very long text",
"notes": "",
"published_at": "2021-01-01"
}
}This endpoint stores the consent for the given document from the currently authenticated user.
You can eventually accept all active legal documents using our listener.
This can be useful, for example, when your application handles the registration of users, and they must accept all legal documents through a checkbox before proceeding.
In this case, all you should do is add the listener to the Registered event in EventServiceProvider:
use Dedecube\LegalConsent\Listeners\AcceptLegalDocumentListener;
/**
* The event listener mappings for the application.
*
* @var array
*/
protected $listen = [
Registered::class => [
AcceptLegalDocumentListener::class, // all currently active legal documents will be accepted
SendEmailVerificationNotification::class,
],
];composer testPlease see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.
Please review our security policy on how to report security vulnerabilities.
The MIT License (MIT). Please see License File for more information.