Oh Dear is the all-in-one monitoring tool for your entire website. We monitor uptime, SSL certificates, broken links, scheduled tasks and more. You'll get a notifications for us when something's wrong. All that paired with a developer friendly API and kick-ass documentation. O, and you'll also be able to create a public status page under a minute. Start monitoring using our free trial now.

Using login links in a Laravel app

Original – by Freek Van der Herten – 3 minute read

I'm proud to announce that our team has launched a new package called spatie/laravel-login-link.

In this blog post, I'd like to tell you all about it.

When developing an app with an admin section (or any non-public section), you'll likely seed test users to log in. In large teams that work on many different apps, it can be cumbersome to keep track of the right credentials. Is the user account "yourname@company.com", or "test@company.com", or even "admin@company.com"? Is that password "password", "secret", or something else? How do I log in with a user that has a different role?

This package solves that problem by offering a component to render a login link. When clicked, you will be logged in.

Beware, however, that you should never display login links in publicly reachable environments, as it will allow anyone to log in.

You can add the x-login-link component to show the login link in your login view. The @env('local') will ensure that the links are only rendered in the local environment.

@env('local')
    <div class="space-y-2">
        <x-login-link email="admin@spatie.be" label="Login as admin"/>
        <x-login-link email="user@spatie.be" label="Login as regular user"/>
    </div>
@endenv

Here's how that might look like in the browser:

screenshot

The package will log in the first user in your users table by default, but that can be customised. You can add an email attribute, and the user with that mail address will be logged in.

<x-login-link email="admin@example.com"  />

Alternatively, you can specify the key of the user (in most cases, this will be the id)

<x-login-link id="123"  />

You can also specify the attributes of the user that needs to be logged in.

<x-login-link :user-attributes="['role' => 'admin']"  />

If the user that needs to be logged in does not exist, the package will use the factory of your user model to create the user and log that new user in. If you don't want this behaviour, set automatically_create_missing_users in the local-link config file to false.

A login link will redirect you to /. That can be customised by passing a redirect-url attribute.

<x-login-link redirect-url={{ route('dashboard') }}  />

A note on security

Make sure that you only render the links in a local environment by wrapping it in an env check.

@env('local')
	<x-login-link>
@endev

In the controller that performs the login, there's also an additional check to make sure it is only used in the local environment.

In closing

My colleague Rias was the first in our team to add a login link to a project. He got the idea from a blog post (but doesn't remember which one 😅). Because we see ourselves using a login link in every future project, we decided to package it up. We hope that this package will also be handy for your projects.

This isn't the first package that our team has built. On our company website, check out all our open source packages in this long list. If you want to support us, consider picking up any of our paid products.

Stay up to date with all things Laravel, PHP, and JavaScript.

Follow me on Twitter. I regularly tweet out programming tips, and what I myself have learned in ongoing projects.

Every month I send out a newsletter containing lots of interesting stuff for the modern PHP developer.

Expect quick tips & tricks, interesting tutorials, opinions and packages. Because I work with Laravel every day there is an emphasis on that framework.

Rest assured that I will only use your email address to send you the newsletter and will not use it for any other purposes.

Comments

avatar

This is weirdly, a useful package I found this week 😅

👍 1
Comments powered by Laravel Comments
Want to join the conversation? Log in or create an account to post a comment.