feature(impersonate as user): Admin can impersonate as others users

app/Http/Controllers/Auth/ImpersonatedUserController.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Auth;
+
+class ImpersonatedUserController extends Controller
+{
+    public function store(User $user)
+    {
+        Session()->put('impersonate', Auth::id());
+
+        Auth::login($user);
+
+        return to_route('explore');
+    }
+
+    public function destroy()
+    {
+        $adminId = Session()->get('impersonate');
+
+        Auth::loginUsingId($adminId);
+
+        Session()->forget('impersonate');
+
+        return to_route('admin.dashboard');
+    }
+}

routes/web/auth.php

@@ -1,7 +1,10 @@
 <?php
 
+use App\Enums\UserTypes;
 use App\Http\Controllers\Auth\AuthenticatedUserController;
+use App\Http\Controllers\Auth\ImpersonatedUserController;
 use App\Http\Controllers\Auth\RegisteredUserController;
+use App\Http\Middleware\HasRole;
 
 Route::middleware('guest')->group(function () {
     Route::resource('/login', AuthenticatedUserController::class)
@@ -13,3 +16,8 @@
 Route::delete('/logout', [AuthenticatedUserController::class, 'destroy'])
     ->middleware('auth')
     ->name('logout');
+
+Route::middleware([HasRole::class.':'.UserTypes::Admin->value, 'auth'])->group(function () {
+    Route::get('/impersonate/{user}', [ImpersonatedUserController::class, 'store'])->name('impersonate');
+    Route::delete('/impersonate', [ImpersonatedUserController::class, 'destroy'])->name('impersonate.destroy');
+});