zillur-web/laravel-web-terminal

Secure web-based Laravel Artisan terminal for browser

Maintainers

Package info

github.com/zillur-web/laravel-web-terminal

pkg:composer/zillur-web/laravel-web-terminal

Statistics

Installs: 4

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v1.0.1 2026-03-03 10:24 UTC

Requires

MIT cdb284f77d1d671fcbc751b637e0c5f37c31e484

  • Zillur Rahman <zillur.web.woop@gmail.com>

This package is auto-updated.

Last update: 2026-05-01 00:16:49 UTC

README

A secure web-based Artisan terminal for Laravel applications.

Laravel Web Terminal allows you to run selected Artisan commands directly from your browser with proper security and command whitelisting.

✨ Features

  • Run selected Artisan commands from browser
  • Command whitelist protection
  • Configurable route prefix
  • Middleware protection (web + CSRF)
  • Optional secret token for security (login-free access)
  • Publishable configuration file and views
  • Laravel auto-discovery support
  • Compatible with Laravel 8 → 12
  • Compatible with PHP 8.0 → 8.5

📦 Installation

Install via Composer:

composer require zillur-web/laravel-web-terminal

⚙️ Publish Configuration

php artisan vendor:publish --tag=web-terminal-config

Optional: Publish views

php artisan vendor:publish --tag=web-terminal-views

🚀 Usage

Visit /terminal route to access the terminal.

Optional secret token is required for access (login-free)

Token can be passed via query string or header (X-WEB-TERMINAL-TOKEN)

Example: /terminal?token=laravel-web-terminal

Or in JavaScript headers:

headers: {
    "X-WEB-TERMINAL-TOKEN": "laravel-web-terminal"
}

🔐 Security

For security reasons, only commands listed in the configuration file are allowed.

Example config:

'allowed_commands' => [
    'migrate',
    'cache:clear',
    'config:clear',
    'route:clear',
    'queue:restart',
],

It is strongly recommended to use authentication middleware in production.

⚙️ Configuration

Config file: config/web-terminal.php

return [

    // Route prefix
    'prefix' => 'terminal',

    // Middleware
    'middleware' => ['web'],

    // Allowed artisan commands
    'allowed_commands' => [
        'migrate',
        'cache:clear',
        'config:clear',
        'route:clear',
        'queue:restart',
    ],

    // Optional secret token for security (login-free access)
    'access_token' => env('WEB_TERMINAL_TOKEN', 'laravel-web-terminal'),

];

🖥 Requirements

  • PHP 8.0 → 8.5
  • Laravel 8 → 12

🤝 Contributing

Contributions are welcome. Feel free to submit a pull request.

📄 License

This package is open-sourced software licensed under the MIT license.