dmytroshved's avatar

How to handle admin credentials for local development and production in Laravel?

Hey everyone. I have a question about credentials for logging in to the project. I want to be able to log in for local development and for production.

Here’s my situation:

  • I want to be able to login as an admin when working on the project locally.

  • I also want to have an admin account in production, but I don’t want to hardcode the credentials in my seeders or commit them to the repository.

Right now, I’m using UserFactory for the admin email and password credentials like this:

        return [
            'name' => 'dima',
            'email' => '[email protected]',
            'email_verified_at' => null,
            'password' => '321',
            'remember_token' => Str::random(10),
            'role_id' => 2 // admin
        ];

and in DatabaseSeeder:

        // seed users table
        User::factory(1)->create();

I was thinking about putting credentials inside .env or using tinker on production

Which option is more common and more elegant?

Would be grateful for your help

Best regards

0 likes
9 replies
Randy_Johnson's avatar

Why do you need to log in when working on the project locally? If you're working on your project locally, then you are using a local environment and a local database.

What you do then is you push your website to a server. The website on the server will function the same as on your local system, but others can access it. This is done by

local -> push -> github

server <- pull <- github

If you want to update your website, you just do the same thing.

If you want to log in to the admin on the server side, you will log in to your host dashboard. Here you can use the file manager to upload your project.

Any kind of admin on the website is usually just to delete or update stuff in the database, but if you cannot be bothered to make an admin dashboard, you can always just run SQL commands depending on your DB type.

JussiMannisto's avatar

@Randy_Johnson

> Any kind of admin on the website is usually just to delete or update stuff in the database, but if you cannot be bothered to make an admin dashboard, you can always just run SQL commands depending on your DB type.

In what world is this realistic, safe, or convenient? You'll always need an admin dashboard. You can't rely on raw SQL queries, which is a big risk in and of itself, and also skips all application hooks and validations.

A normal admin of a company doesn't even know SQL, let alone understand your schema.

1 like
Snapey's avatar

create a console command that creates an admin user and shows you a randomly generated password.

You could further enhance this by making the command only work if the users table is empty.

JussiMannisto's avatar
  1. Create an artisan command for creating an admin user. It asks for a username and password ($this->ask('Username'), $this->secret('Password')), and creates the model.
  2. Create a database seeder that creates an admin with hard-coded credentials. It's a custom class, not something that executes with plain db:seed. The credentials don't need to be secure, since the command is only ever run manually in a dev environment.

Option 1 can be used in production to create the initial user. Option 2 is an optional convenience method for local development. It's useful early on if you have to flush and re-seed the database.

dmytroshved's avatar

@JussiMannisto What if I have a UserSeeder, and the credentials are stored in the .env?

While seeding the db there are several seeders which require a user in the db:

  • ProfileSeeder
  • Recipe (related to user with id 1)

And I cannot simply create user using artisan command (because there is related data for him)

JussiMannisto's avatar

@Dmytro_Shved You could store the credentials in plaintext in .env, but that's only ok in development. You shouldn't do that in production.

> And I cannot simply create user using artisan command (because there is related data for him)

Sure you can. How is an artisan command any different from a seeder in this regard? You can run any code you want there.

1 like
dmytroshved's avatar

@JussiMannisto Oh sure! So I can create user first by using Tinker, and after that I'll seed the DB with Seeder right? So while seeder will seed the data I'll already have a user in the database!

JussiMannisto's avatar

@Dmytro_Shved Just create an artisan command like @snapey and I suggested. Create the user and any data it needs in the command. There's no need for seeders or any kind of Tinker tricks.

If you require some seeded data before any user can be created (e.g. a set of user roles), you can place them in a seeder. Run the seeder, and then you can create users with the command.

1 like
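The command Snapey and JussiMannisto describe could look like the following. This is an added example, not code posted by anyone in the thread; the command name `app:create-admin` and the `App\Models\User` model are assumptions, and `role_id` 2 is taken from the factory in the question.

```php
<?php
// Added example, not from the thread. Assumed: command name app:create-admin,
// model App\Models\User, and role_id 2 = admin (as in the question's factory).
namespace App\Console\Commands;

use App\Models\User;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\{DB, Hash, Validator};
use Illuminate\Support\Str;

class CreateAdmin extends Command
{
    protected $signature = 'app:create-admin';

    public function handle(): int
    {
        // Snapey's guard: only bootstrap while the users table is empty.
        if (User::query()->exists()) {
            $this->error('Users already exist; refusing to create another admin.');
            return self::FAILURE;
        }
        $name = $this->ask('Name');
        $email = $this->ask('Email');
        // secret() does not echo the input; a blank answer means "generate one".
        $typed = $this->secret('Password (leave blank to generate)');
        $password = $typed ?: Str::password(24);

        $validator = Validator::make(compact('name', 'email', 'password'), [
            'name' => 'required|string',
            'email' => 'required|email',
            'password' => 'required|min:12',
        ]);
        if ($validator->fails()) {
            $this->error(implode(' ', $validator->errors()->all()));
            return self::FAILURE;
        }
        // One transaction, so the user and its related rows exist together or not at all.
        DB::transaction(function () use ($name, $email, $password) {
            (new User)->forceFill([
                'name' => $name, 'email' => $email,
                'password' => Hash::make($password), // only the hash is stored
                'role_id' => 2, // admin
            ])->save();
            // Create related rows (profile, first recipe, ...) here.
        });
        $this->info($typed ? "Admin {$email} created."
            : "Admin {$email} created. Generated password (shown once): {$password}");
        return self::SUCCESS;
    }
}
```

Run it with `php artisan app:create-admin` after migrations and any seeder that creates the roles. No credential ends up in the repository or in `.env`.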
NekaDava's avatar

Hi, you can seed the user with a sample password, which will be visible in the repo (seeder class), and then change it via tinker.

        $user = App\Models\User::where('email', 'test@example')->first();
        $user->password = bcrypt('chosen password');
        $user->save();

then save your admin credentials in docs, slack, password manager etc.

P.S. The command approach is also good, choose according to the case.

1 like
