Privat is a very simple password protection for Laravel projects. It's useful for websites in a staging state.
composer require code16/privatAdd the following middleware in your project configuration.
\Code16\Privat\PrivatMiddleware::classTypically, you can add it at the end of the 'web' key in your $middlewareGroups array (in app/Http/Kernel).
First create the privat config file:
php artisan vendor:publish --provider="Code16\Privat\PrivatServiceProvider"And then edit the new /config/privat.php accordingly (nothing fancy); you can handle it with this keys in your .env file:
- PRIVAT_RESTRICTED=true
- PRIVAT_PASSWORD=mypassword
The except config param is built like this:
"except" => [
"hosts" => env("PRIVAT_EXCEPTED_HOSTS", ""),
"urls" => env("PRIVAT_EXCEPTED_URLS", "")
]The urls config key is meant to contain a comma separated list of URLs excluded from Privat; for instance "/login,/admin".
The hosts config key is the same, but for hosts (in case of a multi-hosts website).
If you need to present a public waiting page, here's how: set the waiting page view name in the waiting_view config key (in config/privat.php):
"waiting_view" => "demo.waiting"From then, all requests without the Privat registration will be redirected to /privat_waiting which will render the configured view, except /privat, which will still present the Privat form.
Quite simple: if the given password is correct, Privat sets a session property, and look for it on each request. So, obviously, Privat won't work on non session based systems (an API for instance).
MIT