A HTTP basic auth middleware for Laravel

9.0.0 2023-02-14 10:29 UTC



Laravel Shield

A HTTP basic auth middleware for Laravel.

// Use on your routes.
Route::get('/', ['middleware' => 'shield'], function () {
    // Your protected page.

// Use it within your controller constructor.

// Use specific user credentials.

Build Status Monthly Downloads Latest Version


Require this package, with Composer, in the root directory of your project.

composer require vinkla/shield

Add the middleware to the $routeMiddleware array in your Kernel.php file.

'shield' => \Vinkla\Shield\ShieldMiddleware::class,


Laravel Shield requires configuration. To get started, you'll need to publish all vendor assets:

$ php artisan vendor:publish

This will create a config/shield.php file in your app that you can modify to set your configuration. Also, make sure you check for changes to the original config file in this package between releases.

HTTP Basic Auth Credentials

The user credentials which are used when logging in with HTTP basic authentication.


To protect your routes with the shield you can add it to the routes file.

Route::get('/', ['middleware' => 'shield'], function () {
    // Your protected page.

You can also add the shield middleware to your controllers constructor.


The middleware accepts one optional parameter to specify which user credentials to compared with.


To add a new user, you probably want to use hashed credentials. Hashed credentials can be generated with the password_hash() function in the terminal:

php -r "echo password_hash('my-secret-passphrase', PASSWORD_DEFAULT);"

Then copy and paste the hashed credentials to the .env environment file.