v5.3.0

What's Changed

• Allow user to specify spa mode on redirect regardless of Filament configuration by @machacekmartin in #148

New Contributors

• @machacekmartin made their first contribution in #148

Full Changelog: v5.2.0...v5.3.0

v5.2.0

What's Changed

• Add Romanian translation by @ideacatlab in #150

New Contributors

• @ideacatlab made their first contribution in #150

Full Changelog: v5.1.0...v5.2.0

v5.1.0

What's Changed

• Add language support for zh_CN, zh_TW, ta, and ms by @chengkangzai in #149

New Contributors

• @chengkangzai made their first contribution in #149

Full Changelog: v5.0.0...v5.1.0

v5.0.0

What's New

This is a major release that removes the lab404/laravel-impersonate dependency entirely, replacing it with a lean, native implementation purpose-built for Filament — with full Octane compatibility.

Native impersonation engine

All impersonation logic is now handled internally by ImpersonateManager — a stateless, Octane-safe service registered as a scoped binding. No more pulling in a general-purpose impersonation package.

Octane support

Impersonation works correctly under Laravel Octane (Swoole and FrankenPHP). The package uses direct session manipulation with Laravel's stock SessionGuard, avoiding any custom guard registration that could break under Octane's request sandboxing.

Impersonation facade

A new Impersonation facade provides a clean static API:

use STS\FilamentImpersonate\Facades\Impersonation;

Impersonation::isImpersonating();
Impersonation::getImpersonator();
Impersonation::getImpersonatorId();
Impersonation::enter($from, $to, $guardName);
Impersonation::leave();

Events

New package-owned events replace the lab404 events:

• STS\FilamentImpersonate\Events\EnterImpersonation
• STS\FilamentImpersonate\Events\LeaveImpersonation

Both carry $impersonator and $impersonated public properties.

Failure feedback

When impersonation fails (e.g. incompatible guard), a Filament danger notification is now shown instead of silently doing nothing. Diagnostic Log::warning() messages are also emitted for debugging.

---

Upgrading from v4

Removed: lab404/laravel-impersonate dependency

The package no longer requires or uses lab404/laravel-impersonate. It will be removed from your composer.lock automatically on update.

Removed: Impersonate trait (STS\FilamentImpersonate\Models\Impersonate)

The trait that was added to User models has been removed. If your User model uses this trait, remove it:

- use STS\FilamentImpersonate\Models\Impersonate;
-
  class User extends Authenticatable
  {
-     use Impersonate;
  }

If you had canImpersonate() or canBeImpersonated() methods on your model via the trait, just keep them as regular methods — the action checks for them with method_exists().

Removed: guard config key

The filament-impersonate.guard config option has been removed. The guard is now determined by the Filament panel's auth guard. For per-action override, use ->guard('custom') on the action.

If you published the config file, you can remove the guard key.

Changed: Event classes

If you listen for impersonation events, update your imports:

- use Lab404\Impersonate\Events\TakeImpersonation;
- use Lab404\Impersonate\Events\LeaveImpersonation;
+ use STS\FilamentImpersonate\Events\EnterImpersonation;
+ use STS\FilamentImpersonate\Events\LeaveImpersonation;

Changed: ImpersonateManager namespace

If you referenced the manager directly (most users won't have), the namespace changed:

- use Lab404\Impersonate\Services\ImpersonateManager;
+ use STS\FilamentImpersonate\ImpersonateManager;

Prefer using the Impersonation facade instead.

Changed: impersonateRecord() signature

The unused second parameter $visible has been removed:

- ->impersonateRecord($record, $visible)
+ ->impersonateRecord($record)

---

Internal Improvements

• 124 tests covering the manager, action, banner, route, facade, and configuration
• Translations for all 16 supported languages
• Updated README with current Filament v5 examples and fresh screenshots

v5.0.0-beta.3

Changes

• Octane compatibility: Replaced custom SessionGuard with direct session manipulation. The custom guard registered via Auth::extend() was not surviving Octane's request sandboxing, causing impersonation to fail silently under Swoole/FrankenPHP. The package now manipulates auth session keys directly using Laravel's stock SessionGuard, removing the fragile class coupling.

• Failure notification: When impersonation fails, a Filament danger notification is now shown instead of silently doing nothing.

• Diagnostic logging: Log::warning() is now emitted when enter() or leave() fails, with guard and user context for debugging.

• LeaveImpersonation event: The $impersonated parameter is now nullable to handle edge cases where the impersonated user was soft-deleted or removed during the session.

v5.0.0-beta.2

Bug Fix

• Fixed table row action not triggering impersonation — The action callback in setUp() was missing the $record parameter, causing the impersonate button on table rows to silently fail. The visible() callback was correct, so the button appeared but clicking it did nothing. (#146)

Full Changelog

See v5.0.0-beta.1 for the complete list of changes in the v5 release.

v5.0.0-beta.1

What's New

This is a major release that removes the lab404/laravel-impersonate dependency entirely, replacing it with a lean, native implementation purpose-built for Filament.

Native impersonation engine

All impersonation logic is now handled internally by ImpersonateManager — a stateless, Octane-safe service registered as a scoped binding. No more pulling in a general-purpose impersonation package.

Impersonation facade

A new Impersonation facade provides a clean static API:

use STS\FilamentImpersonate\Facades\Impersonation;

Impersonation::isImpersonating();
Impersonation::getImpersonator();
Impersonation::getImpersonatorId();
Impersonation::enter($from, $to, $guardName);
Impersonation::leave();

Custom SessionGuard

A custom SessionGuard with quietLogin() / quietLogout() methods handles user switching without firing Laravel's auth events, preserving session state during impersonation.

Events

New package-owned events replace the lab404 events:

• STS\FilamentImpersonate\Events\EnterImpersonation
• STS\FilamentImpersonate\Events\LeaveImpersonation

Both carry $impersonator and $impersonated public properties.

---

Breaking Changes

Removed: lab404/laravel-impersonate dependency

The package no longer requires or uses lab404/laravel-impersonate. It will be removed from your composer.lock automatically on update.

Removed: Impersonate trait (STS\FilamentImpersonate\Models\Impersonate)

The trait that was added to User models has been removed. The action uses method_exists() checks, so the trait was never required. If your User model uses this trait, remove it:

- use STS\FilamentImpersonate\Models\Impersonate;
-
  class User extends Authenticatable
  {
-     use Impersonate;
  }

If you had canImpersonate() or canBeImpersonated() methods on your model via the trait, just keep them as regular methods — the action checks for them with method_exists().

Removed: guard config key

The filament-impersonate.guard config option has been removed. The guard is now determined by the Filament panel's auth guard (which is the correct default). For per-action override, use ->guard('custom') on the action.

If you published the config file, you can remove the guard key.

Changed: Event classes

If you listen for impersonation events, update your imports:

- use Lab404\Impersonate\Events\TakeImpersonation;
- use Lab404\Impersonate\Events\LeaveImpersonation;
+ use STS\FilamentImpersonate\Events\EnterImpersonation;
+ use STS\FilamentImpersonate\Events\LeaveImpersonation;

Changed: ImpersonateManager namespace

If you referenced the manager directly (most users won't have), the namespace changed:

- use Lab404\Impersonate\Services\ImpersonateManager;
+ use STS\FilamentImpersonate\ImpersonateManager;

Prefer using the Impersonation facade instead.

Changed: impersonateRecord() signature

The unused second parameter $visible has been removed:

- ->impersonateRecord($record, $visible)
+ ->impersonateRecord($record)

Changed: app('impersonate') / app(ImpersonateManager::class)

These still work, but the recommended API is now the Impersonation facade.

---

Internal Improvements

• Error handling: enter() failure is now caught and handled before redirecting
• Session cleanup: clear() now also removes stale remember-me cookie staging data
• Auth hash clearing: Simplified with a collect pipeline instead of nested conditionals
• Code organization: Dense canImpersonate() boolean chain decomposed into readable guard clauses
• 125 tests covering the manager, action, banner, route, facade, and configuration

4.1.4

What's Changed

• Fix extra margin gap in Filament sidebar when impersonating by @jszobody in #145

Full Changelog: 4.1.3...4.1.4

4.1.3

What's Changed

• Add fallback for missing session back_to in leave route by @jszobody in #140

Full Changelog: 4.1.2...4.1.3

4.1.2

What's Changed

• Fix redirect handling for modal/Livewire contexts by @jszobody in #138

Full Changelog: 4.1.1...4.1.2