Feature request: Admin impersonation (“Login as user”) support

[wbdb]

It would be very useful if Shield provided a first class “impersonation” (a.k.a. “login as user”) feature for session based authentication.

Use case

Admins or support staff often need to temporarily switch into a target user’s session to verify permissions, reproduce UI issues, validate onboarding flows, and ensure role based access works as intended. During impersonation, all views and authorization checks should behave exactly as they do for the target user.

Desired capabilities

• Start impersonation by admin action (e.g. by target user ID), without requiring the target user’s credentials.
• Persist the “original admin” identity so impersonation can be ended safely and the admin session can be restored.
• Provide a clean stop mechanism (optionally: treat logout as “stop impersonation” when impersonation is active).
• Expose an “impersonating” flag and both identities (original admin and target user) for UI and auditing.
• Trigger dedicated events (e.g. impersonationStart, impersonationStop) to enable logging and audit trails.
• Guardrails: easy to restrict to specific groups/permissions and optionally prevent impersonating privileged/system accounts.

Benefits

• Easy to check whether permissions are set correctly. Adjustments work as intended.
• Reduces custom application code and avoids inconsistent implementations across projects.
• Improves security by standardizing guardrails, logging hooks, and correct session handling.
• Helps teams validate authorization and user experience reliably, speeding up debugging and support.

[datamweb]

See :
https://michalsn.dev/posts/impersonation-with-codeigniter-shield/