• Stars
    star
    211
  • Rank 186,867 (Top 4 %)
  • Language
    PHP
  • License
    MIT License
  • Created over 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A minimal package that helps you login with any password on local environments

Laravel Anypass

anypass_header

Latest Stable Version Quality Score Build Status License StyleCI

Built with โค๏ธ for every "lazy" laravel developer ;)

It is always painful to remember and type in the correct password in the login form while you are in development...

It would be nice to be able to login with any password in local environment and only by changing the .env variables(not the application code), switch to: "real password checking".

(This means you do not need to change your application code, when you deploy your app to production while you enjoy the ease in local environments.)

Actually the behaviour of the auth()->attempt($credentials); simply changes based on the config variable in the auth.php and .env file!

Performance hit:

This package is only a few lines (about 20 lines) of code with almost no overhead.

It is also completely safe to avoid installing it on production without changing your code. Since it is a dev only dependency in your composer.json file.

  "require-dev": {
       "imanghafoori/laravel-anypass": "dev-master",
        ...
  },

Config

To avoid accidental security vulnerabilities, 3 conditions should match before you can login with any password :

in your .env file you must:

1 - APP_ENV=local  // or APP_ENV=testing
2 - APP_DEBUG=true
3 - ANY_PASS=true
4 - WRONG_ANY_PASS=wrong // any password is correct except this one.

That way it is very unlikely to accidentally misconfigure your app to accept any wrong password on production server.

We highly recommend to take a look to the source code.

By default, Anypass will only work if the APP_ENV is set to local or testing. You can override this by defining ANY_PASS_ENVIRONMENTS in your .env file, and setting the value to a comma-separated string of environments. For example:

ANY_PASS=true
ANY_PASS_ENVIRONMENTS="local,testing,acceptance"
  • If you want to manually check the login form behaivour in case of a wrong password in local you can use the "1_Wrong_pass" string. (you CAN enter it in lowercase or uppercase and a combination of both like "1_WrOnG_Pass", and it would be considered as a wrong password.)

๐Ÿ’“ Note

You can not login with an invalid username or an invalid api token. Only the password checking is by-passed.

๐Ÿ”ฅ Installation

composer require --dev imanghafoori/laravel-anypass

(For laravel 5.4 and below: Instead of adding the service provider in the config/app.php file, you can add the following code to your app/Providers/AppServiceProvider.php file, within the register() method:

public function register()
{
    if ($this->app->environment() === 'local' || $this->app->environment() === 'testing') {
        $this->app->register(\Imanghafoori\AnyPass\AnyPassServiceProvider::class);
    }
    // ...
}

โ— Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

โญ Your Stars Make Us Do More โญ

As always if you found this package useful and you want to encourage us to maintain and work on it, Please press the star button to declare your willing.

More from the author:

Laravel Terminator

๐Ÿ’Ž A minimal yet powerful package to give you opportunity to refactor your controllers.


Laravel Widgetize

๐Ÿ’Ž A minimal yet powerful package to give a better structure and caching opportunity for your laravel apps.


Laravel Master Pass

๐Ÿ’Ž A simple package that lets you easily impersonate your users.


Laravel HeyMan

๐Ÿ’Ž It allows to write exressive and defensive code whcih is decoupled from the rest of your app.


More Repositories

1

laravel-microscope

Fearless refactoring, it does a lot of smart checks to find certain errors.
PHP
1,307
star
2

laravel-widgetize

A minimal package to help you make your laravel application cleaner and faster.
PHP
902
star
3

laravel-heyman

Declarative style of authorization and validation in laravel.
PHP
880
star
4

laravel-MasterPass

Helps you securely setup a master password and login into user accounts with it.
PHP
354
star
5

laravel-terminator

A package to help you clean up your controllers in laravel
PHP
246
star
6

laravel-video

A laravel package to stream video content.
PHP
232
star
7

eloquent-relativity

Allows you to decouple your eloquent models from one another.
PHP
147
star
8

laravel-decorator

Easily decorate your method calls with laravel-decorator package
PHP
129
star
9

eloquent-mockery

Mock your eloquent queries without the repository pattern
PHP
123
star
10

laravel-middlewarize

Use middleware to decorate method calls within your application code.
PHP
105
star
11

laravel-nullable

Functional programming paradigms in laravel to avoid run-time errors.
PHP
102
star
12

laravel-temp-tag

Temporarily and Transparently, tag your eloquent models
PHP
100
star
13

laravel-smart-facades

Strategy design pattern in laravel, the easiest way.
PHP
87
star
14

laravel-password-history

Keep a password history of your users to prevent them from reusing the same password.
PHP
64
star
15

iranian-laravel-contributors

The list of people from Iran who have contributed to the laravel framework
40
star
16

laravel-tokenized-login

Two factor authentication in Laravel
PHP
36
star
17

eloquent-history

PHP
31
star
18

smart-realtime-facades

PHP
30
star
19

php-smart-search-replace

Smart search/replace functionality for PHP code
PHP
27
star
20

gilded_rose

Based on a tutorial for code refactoring
PHP
25
star
21

why_github_is_not_open_source

Why github.com is NOT open-source???
25
star
22

laravel-makesure

Readable syntax to write tests in laravel
PHP
21
star
23

eloquent-rating

5 star rating for eloquent models
PHP
18
star
24

laravel-file-cache-cleaner

Delete the obsolete cache files in the storage directory
PHP
15
star
25

php_token_analyzer

PHP
11
star
26

laravel-db-freeze

A package that allows you to bypass any insert, edit, delete into your database in demo mode through .env variables
10
star
27

laravel-anytoken

A minimal development package that helps you fake any api token as a valid one during development
10
star
28

composer-json

A utility class for read composer.json data and use it in PHP
PHP
9
star
29

crudbooster-statistics

Statistics module for Crudbooster CMS
HTML
8
star
30

imanghafoori1

8
star
31

laravel-microscope-ui

8
star
32

laravel-tik8

Simple modular ticketing system by laravel
8
star
33

crudbooster-logs

A plug-in for CrudBooster CMS to add log functionality
PHP
8
star
34

chat

node chat application
HTML
7
star
35

crudbooster-notifications

Adds notification functionality to crudbooster
PHP
7
star
36

laravel-nice-middlewares

This is a plug-in for laravel-middlewarize package.
PHP
6
star
37

questionist

Advanced event/listener system
PHP
6
star
38

abstract_php_filesystem

PHP
3
star
39

example_query

PHP
2
star
40

test-bin

1
star
41

laravel-endpoints

Define your endpoints as classes
1
star
42

git_toturial

1
star