|
2 | 2 |
|
3 | 3 | #### Quickly add some password protection to a staging site. |
4 | 4 |
|
5 | | -This package is in development. |
| 5 | +## Requirements |
| 6 | + |
| 7 | +- PHP >= 7.0 |
| 8 | +- Laravel >= 5.5 |
| 9 | + |
| 10 | +## Installation |
| 11 | + |
| 12 | +Require the package via Composer: |
| 13 | + |
| 14 | +``` |
| 15 | +composer require codezero/laravel-stagefront |
| 16 | +``` |
| 17 | + |
| 18 | +Add the middleware to the web middleware group, **right after the `SartSession` middleware**: |
| 19 | + |
| 20 | +```php |
| 21 | +\CodeZero\StageFront\Middleware\RedirectIfStageFrontIsEnabled::class, |
| 22 | +``` |
| 23 | + |
| 24 | +Laravel will automatically register the `ServiceProvider`. |
| 25 | + |
| 26 | +## Quick Setup |
| 27 | + |
| 28 | +Set some options in your `.env` file or publish the [configuration file](#publish-configuration-file). |
| 29 | + |
| 30 | +Enable StageFront and choose a login and password: |
| 31 | + |
| 32 | +| Option | Type | Default | |
| 33 | +| ---------------------- | -------- | ------------ | |
| 34 | +| `STAGEFRONT_ENABLED` | `bool` | `false` | |
| 35 | +| `STAGEFRONT_LOGIN` | `string` | `stagefront` | |
| 36 | +| `STAGEFRONT_PASSWORD` | `string` | `stagefront` | |
| 37 | +| `STAGEFRONT_ENCRYPTED` | `bool` | `false` | |
| 38 | + |
| 39 | +By default StageFront is disabled and uses a plain text password. |
| 40 | + |
| 41 | +If you set `STAGEFRONT_ENCRYPTED` to `true` the password should be a hashed value. |
| 42 | +You can generate this using Laravel's `bcrypt('your password')` function. |
| 43 | + |
| 44 | +## Database Logins |
| 45 | + |
| 46 | +If you have existing users in the database and want to use those credentials, you can set `STAGEFRONT_DATABASE` to `true`. The above settings will then be ignored. |
| 47 | + |
| 48 | +| Option | Type | Default | |
| 49 | +| ------------------------------------ | --------------- | ---------- | |
| 50 | +| `STAGEFRONT_DATABASE` | `bool` | `false` | |
| 51 | +| `STAGEFRONT_DATABASE_WHITELIST` | `string`|`null` | `null` | |
| 52 | +| `STAGEFRONT_DATABASE_TABLE` | `string` | `users` | |
| 53 | +| `STAGEFRONT_DATABASE_LOGIN_FIELD` | `string` | `email` | |
| 54 | +| `STAGEFRONT_DATABASE_PASSWORD_FIELD` | `string` | `password` | |
| 55 | + |
| 56 | +If you want to grant access to just a few of those users, you can whitelist them by setting `STAGEFRONT_DATABASE_WHITELIST` to a comma separated string: `'john@doe.io,jane@doe.io'`. |
| 57 | + |
| 58 | +By default the `users` table is used with the `email` and `password` field names. But you can change this if you are using some other table or fields. |
| 59 | + |
| 60 | +## Change Route URL |
| 61 | + |
| 62 | +By default a `GET` and `POST` route will be registered with the `/stagefront` URL. |
| 63 | +You can change the URL by setting this option: |
| 64 | + |
| 65 | +| Option | Type | Default | |
| 66 | +| ---------------- | -------- | ------------ | |
| 67 | +| `STAGEFRONT_URL` | `string` | `stagefront` | |
| 68 | + |
| 69 | +It runs under the `web` middleware since it uses the session to keep you logged in. You can change the middleware if needed in the [configuration file](#publish-configuration-file). |
| 70 | + |
| 71 | +## Ignore URLs |
| 72 | + |
| 73 | +If for any reason you wish to disable StageFront on specific routes, you can add these to the `ignore_urls` array in the [configuration file](#publish-configuration-file). You can use wildcards if needed. You can't set this in the `.env` file. |
| 74 | + |
| 75 | +For example: |
| 76 | + |
| 77 | +```php |
| 78 | +'ignore_urls' => [ |
| 79 | + // ignores /john, but noting under /john |
| 80 | + '/john', |
| 81 | + // ignores everyting under /jane, but not /jane itself |
| 82 | + '/jane/*', |
| 83 | +], |
| 84 | +``` |
| 85 | + |
| 86 | +## Link Live Site |
| 87 | + |
| 88 | +If you set the URL to your live site, a link will be shown underneath the login form. |
| 89 | + |
| 90 | +| Option | Type | Default | |
| 91 | +| ---------------------- | -------- | ------- | |
| 92 | +| `STAGEFRONT_LIVE_SITE` | `string` | `null` | |
| 93 | + |
| 94 | +Make sure you enter the full URL, including `https://`. |
| 95 | + |
| 96 | +## Publish Configuration File |
| 97 | + |
| 98 | +You can also publish the configuration file. |
| 99 | + |
| 100 | +``` |
| 101 | +php artisan vendor:publish |
| 102 | +``` |
| 103 | + |
| 104 | +Each option is documented. |
| 105 | + |
| 106 | +## Translations & Login View |
| 107 | + |
| 108 | +You can publish the translations to quickly adjust the text on the login screen and the errors. If you want to customize the login page entirely, you can also publish the view. |
| 109 | + |
| 110 | +``` |
| 111 | +php artisan vendor:publish |
| 112 | +``` |
| 113 | + |
| 114 | +Extra translations are always welcome. :) |
| 115 | + |
| 116 | +## Laravel Debugbar |
| 117 | + |
| 118 | +Laravel Debugbar will be disabled on the StageFront login page automatically if you use it in your project. This will hide any potential sensitive data from the public, if by accident Debugbar is running on your staging site. |
| 119 | + |
| 120 | +## Testing |
| 121 | + |
| 122 | +``` |
| 123 | +vendor/bin/phpunit |
| 124 | +``` |
| 125 | + |
| 126 | +## Security |
| 127 | + |
| 128 | +If you discover any security related issues, please [e-mail me](mailto:ivan@codezero.be) instead of using the issue tracker. |
6 | 129 |
|
7 | 130 | ## License |
8 | 131 |
|
|
0 commit comments