Limiting features by subscription

With Peddle, you have access to the the @peddle Blade directive, and the PeddleUser->peddle() method. These are all you need to selectively enable and disable features; based on a user's subscriptions.

Let's look at some of the ways in which we use these methods to enabled and disable features in Peddle:

<a href="{{ route('peddle-...') }}">Help</a>
@guest
    <a href="{{ route('peddle-...') }}">Login</a>
    <a href="{{ route('peddle-...') }}">Register</a>
@endguest
@auth
    <a href="{{ route('peddle-...') }}">Dashboard</a>
    <a href="{{ route('peddle-...') }}">Billing</a>
    <a href="{{ route('peddle-...') }}">Settings</a>
    @peddle('admin')
        <a href="{{ route('peddle-...') }}">Admin</a>
    @endpeddle
    <form method="post" action="{{ route('peddle-...') }}">
        @csrf
        <button>Log Out</button>
    </form>
@endauth

This is from peddle::components.header

Here, we combine @auth, @guest, and @peddle; to selectively show and hide navigation links. @auth and @guest work with Peddle's auth, because all Peddle routes have a middleware that set the auth guard to Peddle.

Wrapping markup in @peddle('admin') means that it will only be visible when the user that's currently logged in has an email address that can be found in the admin.emails section of config/peddle.php.

It's possible for a user to change their email address, in "Settings", and for their new email address to no longer match that of admin.emails list. They'll stop seeing admin functions at that point.

Also note that changing your email address, when you have auth.verification.enabled set to true, will cause you to need to verify your email address again. This is a good thing, because you don't want people changing their email address to one that is in the list and suddenly getting admin privileges...

We strongly recommend you enable email verification, or move your admin features to a different auth gate.

Similarly, we can disabled functionality in controllers and responders:

namespace Gitstore\Peddle\Http\Responders;

use Gitstore\Peddle\Models\PeddleSubscription;
use Gitstore\Peddle\Models\PeddleUser;

class ShowAdminPageResponder
{
    public function handle()
    {
        if (!auth()->user()->peddle('admin')) {
            abort(400);
        }

        // ...
    }
}

We realised you might want to do this at the routing level (and often) so we made a middleware you can use for this purpose:

use Gitstore\Peddle\Http\Middleware\RequireAdminEmailMiddleware;

$router
    ->middleware([
        RequireAdminEmailMiddleware::class,
    ])
    ->group(function(Router $router) {
        $router
            ->get('/admin', [ShowAdminPageResponder::class, 'handle'])
            ->name('peddle-show-admin-page');
    });

@peddle and PeddleUser->peddle() also allow for other parameters; like free and subscribed. If you want to see which specific plan the user is subscribed to, you can refer to the keys in the plans section of config/peddle.php. If you have the following config, for instance:

'plans' => [
    'free' => (object) [
        'id' => -1,
        'name' => 'Free',
        'description' => 'None of the fun.',
        'price' => 0,
    ],
    'yearly' => (object) [
        'id' => 123456,
        'name' => 'Yearly Subscription',
        'description' => 'All of the fun.',
        'price' => 25,
        'currency' => '$',
        'interval' => 'year',
    ],
],

...then you can use @peddle('yearly') or PeddleUser->peddle('yearly') to see if the user is subscribed to that specific plan. Just be sure not to name your paid-for plans free, subscribed, or admin...

Be sure to check out Installing Peddle to see what other parameters the @peddle directive and PeddleUser->peddle() method allow.