Download the PHP package codezero/laravel-stagefront without Composer

On this page you can find all versions of the php package codezero/laravel-stagefront. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-stagefront

Laravel StageFront

GitHub release Laravel Build Status Code Quality Total Downloads

ko-fi

Quickly add password protection to a staging site.

Shielding a staging or demo website from the public usually involves setting op authentication separate from the actual project. This isn't always easy or is cumbersome at the least.

It doesn't have to be!

By installing StageFront with composer, adding the middleware and setting 3 variables in your .env file you are ready to go. As you will discover below, you also have a bunch more options available.

✅ Requirements

📦 Installation

☑️ Require the package via Composer:

Laravel will automatically register the ServiceProvider and routes.

When StageFront is disabled, its routes will not be registered.

☑️ Install Middleware

To activate the middleware, add it to the web middleware group in app/Http/Kernel.php, right after the StartSession middleware:

In Laravel 6+ you need to add the middleware to the $middlewarePriority array in app/Http/Kernel.php, right after the StartSession middleware.

Now you just need to set some .env variables and you are up and running!

⌨️ Quick Setup

Set some options in your .env file or publish the configuration file.

See an example .env file.

Enable StageFront and choose a login and password:

Option Type Default
STAGEFRONT_ENABLED bool false
STAGEFRONT_LOGIN string stagefront
STAGEFRONT_PASSWORD string stagefront
STAGEFRONT_ENCRYPTED bool false

By default StageFront is disabled and uses a plain text password when it's enabled. If you set STAGEFRONT_ENCRYPTED to true the password should be a hashed value. You can generate this using Laravel's \Hash::make('your password') function.

Artisan Commands for Quick Setup

You can also update the credentials in the .env file with our artisan command:

If you don't enter a username or password, the command will ask for your input step by step:

Next, you can enable or disable StageFront:

👥 Database Logins

If you have existing users in the database and want to use those credentials, you can set STAGEFRONT_DATABASE to true. The above login and password settings will then be ignored.

Option Type Default
STAGEFRONT_DATABASE bool false
STAGEFRONT_DATABASE_WHITELIST string null
STAGEFRONT_DATABASE_TABLE string users
STAGEFRONT_DATABASE_LOGIN_FIELD string email
STAGEFRONT_DATABASE_PASSWORD_FIELD string password

If you want to grant access to just a few of those users, you can whitelist them by setting STAGEFRONT_DATABASE_WHITELIST to a comma separated string: '[email protected],[email protected]'. In the config file itself you can also use an array of e-mail addresses.

By default the users table is used with the email and password field names. But you can change this if you are using some other table or fields.

🔖 IP Whitelist

You can add a comma separated list of IP's to grant these users easier or exclusive access to your staging site. For example: '1.2.3.4,1.2.3.4'. In the config file itself you can also use an array of IP's.

Option Type Default
STAGEFRONT_IP_WHITELIST string null
STAGEFRONT_IP_WHITELIST_ONLY bool false
STAGEFRONT_IP_WHITELIST_REQUIRE_LOGIN bool false

When you add IP's to your whitelist, the default behavior is that these users will have instant access to the site, while someone with another IP will be presented with the normal login form.

To exclusively allow whitelisted IP's to access your site, set STAGEFRONT_IP_WHITELIST_ONLY to true. Users from other IP's will now get a 403 - Forbidden error.

To crank up security, you may also require whitelisted IP's to go through the login form. Set STAGEFRONT_IP_WHITELIST_REQUIRE_LOGIN to true to set this up.

⚙️ Other Options

☑️ Change Route URL

By default a GET and POST route will be registered with the /stagefront URL.

You can change the URL by setting this option:

Option Type Default
STAGEFRONT_URL string stagefront

It runs under the web middleware since it uses the session to keep you logged in.

You can change the middleware if needed in the configuration file.

☑️ Throttle Login Attempts

To prevent malicious users from brute forcing passwords, login attempts will be throttled unless you disable it. You can change the number of failed attempts per minute to allow, and the delay (in minutes) that users have to wait after reaching the maximum failed attempts.

Option Type Default
STAGEFRONT_THROTTLE bool true
STAGEFRONT_THROTTLE_TRIES integer 3 (per minute)
STAGEFRONT_THROTTLE_DELAY integer 5 (minutes)

When you tried to login too many times, Laravel's 429 error page will be shown. You can easily modify this by creating a 429.blade.php view in resources/views/errors. To save you a little time, I have included a localized template you can include in that page:

If you want to include a different partial for other throttled pages, you can check the request:

Text in this view can be changed via the translation files.

☑️ Ignore URLs

If for any reason you wish to disable StageFront on specific routes, you can add these to the ignore_urls array in the configuration file. You can use wildcards if needed. You can't set this in the .env file.

For example:

☑️ Ignore Domains

If for any reason you wish to disable StageFront on specific doamins, you can add these to the ignore_udomains array in the configuration file. You can't set this in the .env file.

For example:

☑️ Link Live Site

If you set the URL to your live site, a link will be shown underneath the login form.

Option Type Default
STAGEFRONT_LIVE_SITE string null

Make sure you enter the full URL, including https://.

☑️ Change App Name

By default, the app name that is configured in config/app.php is shown as a title on the login and throttle page. You can use a different title by setting this option:

Option Type Default
STAGEFRONT_APP_NAME string config('app.name')

📇 Publish Configuration File

You can also publish the configuration file.

Each option is documented.

📑 Translations and Views

You can publish the translations to quickly adjust the text on the login screen and the errors.

If you want to customize the login page entirely, you can also publish the view.

Extra translations are always welcome. :)

📏 Laravel Debugbar

Laravel Debugbar will be disabled on the StageFront routes automatically if you use it in your project. This will hide any potential sensitive data from the public, if by accident Debugbar is running on your staging site. You can disable this feature by editing the middleware option in the configuration file.

🚧 Testing

☕️ Credits

🔓 Security

If you discover any security related issues, please e-mail me instead of using the issue tracker.

📑 Changelog

A complete list of all notable changes to this package can be found on the releases page.

📜 License

The MIT License (MIT). Please see License File for more information.


All versions of laravel-stagefront with dependencies

PHP Build Version
Package Version
Requires php Version ^7.1|^8.0
codezero/dotenv-updater Version ^1.1|^2.0
illuminate/support Version ^5.7|^6.0|^7.0|^8.0|^9.0|^10.0|^11.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package codezero/laravel-stagefront contains the following files

Loading the files please wait ....