code16 / privat
Simple private access package for Laravel.
Installs: 35 524
Dependents: 0
Suggesters: 0
Security: 0
Stars: 13
Watchers: 3
Forks: 8
Open Issues: 3
Type:project
Requires
- php: 8.4.*
- laravel/framework: ^11.0|^12.0
Requires (Dev)
- doctrine/dbal: ^3.5
- fakerphp/faker: ^1.19.0
- mockery/mockery: ^1.5.0
- orchestra/testbench: 9.*|10.*
- pestphp/pest: ^3.0
- pestphp/pest-plugin-drift: ^3.0
- pestphp/pest-plugin-laravel: ^3.0
- phpunit/phpunit: ^11.0
README
Privat is a very simple password protection for Laravel projects. It's useful for websites in a staging state.
Usage
Install with composer
composer require code16/privat
Configure Privat via .env keys
PRIVAT_ENABLED=true PRIVAT_PASSWORD=mypassword
Advanced usage
Choose impacted middleware groups
By default, Privat will protect the web middleware group. If you want to impact other groups, you can tweak the corresponding .env key:
PRIVAT_MIDDLEWARE_GROUP=web,admin
Handle exceptions
You can exclude some hosts or URLs from Privat:
PRIVAT_EXCEPTED_URLS="/login,/admin" PRIVAT_EXCEPTED_HOSTS="admin.mywebsite.com"
Waiting page
If you need to present a public waiting page, set the waiting page view name in the PRIVAT_WAITING_VIEW env key:
PRIVAT_WAITING_VIEW="demo.waiting"
From then, all requests without the Privat registration will be redirected to /privat_waiting which will render the configured view, except /privat, which will still present the Privat form.
Publish the config file
Of course, you can publish the config file instead of using env variables (even if we think it’s more convenient for such a tool):
php artisan vendor:publish --provider="Code16\Privat\PrivatServiceProvider"
How does it work
Quite simple: if the given password is correct, Privat sets a session property, and look for it on each request. So, obviously, Privat won't work on non session based systems (an API for instance).
License
MIT