genaker/free-admin

Magento 2 module that allows free admin login when env.php backend => auth = false

Maintainers

Details

github.com/Genaker/FreeAdmin

Source

Issues

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 0

Forks: 1

Open Issues: 0

Type:magento2-module

pkg:composer/genaker/free-admin

5 2025-08-20 08:18 UTC

Requires

  • magento/framework: >=103.0.0
  • magento/module-backend: >=100.0.0
  • magento/module-user: >=100.0.0

MIT 634fb662d056c19f35826926c3decd3e1ff937f9

  • Genaker <egorshitikov.woop@gmail.com>

This package is auto-updated.

Last update: 2025-10-20 08:46:27 UTC

README

Overview

This module allows free admin login when the Magento_Backend module is disabled in app/etc/config.php.

How It Works

The module uses a before plugin on Magento\Backend\Model\Auth::login() method to:

  1. Security Check: Never bypass authentication in production mode
  2. Check if Magento_Backend module is disabled using Magento's ModuleList and DeploymentConfig classes
  3. If disabled AND not in production mode, bypass normal authentication by:
    • First trying to find admin user by the provided email/username
    • If not found, falling back to the first available admin user
  4. If enabled or in production mode, proceed with normal authentication

Installation

Method 1: Manual Installation

  1. Copy the module to app/code/Genaker/FreeAdmin/
  2. Enable the module: 
    php bin/magento module:enable Genaker_FreeAdmin
  3. Run setup: 
    php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento cache:flush

Method 2: Composer Installation

  1. Add the module to your project's composer.json: 
    {
    "repositories": [
        {
            "type": "path",
            "url": "app/code/Genaker/FreeAdmin"
        }
    ]
}
  2. Install via Composer: 
    composer require genaker/free-admin:1.0.0
  3. Run setup: 
    php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento cache:flush

Usage

To Enable Free Admin Access:

  1. Set backend/auth to false in your deployment configuration (e.g., app/etc/env.php):
'backend' => [
    'auth' => false
],
  1. Clear caches:
php bin/magento cache:flush
  1. Now any username/password combination will work for admin login

To Disable Free Admin Access:

  1. Set backend/auth to true or remove the configuration in your deployment configuration:
'backend' => [
    'auth' => true
],
  1. Clear caches:
php bin/magento cache:flush

Security Warning

⚠️ IMPORTANT: This module is for development/testing purposes only.

  • Never bypasses authentication in production mode - additional safety measure
  • It bypasses authentication when enabled by using existing admin users
  • Requires at least one admin user to exist in the system
  • Only works in development or default modes

Module Structure

Genaker/FreeAdmin/
├── Plugin/
│   └── Backend/
│       └── Model/
│           └── Auth/
│               └── SimpleLoginPlugin.php
├── etc/
│   ├── di.xml
│   └── module.xml
├── composer.json
├── registration.php
└── README.md

Troubleshooting

Module Not Working

  1. Check if module is enabled: php bin/magento module:status Genaker_FreeAdmin
  2. Verify plugin is loaded: php bin/magento setup:di:compile
  3. Clear caches: php bin/magento cache:flush
  4. We need also disable TWO FACTOR Auth modules

Customization

To modify the authentication bypass logic, edit SimpleLoginPlugin.php in the beforeLogin method.

Support

For issues or questions, check the module logs or contact the development team.