skip to Main Content

If my Laravel app has role-based permissions where only a type of user (superadmin) has the ability to register users, how would I create that initial user?

Should I use a seeder and create the user from there? Would the password be exposed in the code (from env variable maybe?)?

Or could I create it from the command line?

2

Answers


  1. Seeding is the way. For the password just Hash it in the same way the laravel base framework does it.

    'password' => Hash::make('my secret password')
    

    Of course, the password will be visible to those with access to your source code. Change the password when your site is up and running the first time.

    Login or Signup to reply.
  2. Personally, I don’t like to have temporary users stored in the .env files or (god forbid) directly in the Seeder.

    I have a standard issue user-creation Artisan command that I run from the command line. Note that I also use a mutator on the User model which hashes password by default (see bottom of answer).

    <?php
    
    namespace AppConsoleCommands;
    
    use AppModelsUser;
    use AppModelsCompany;
    use IlluminateConsoleCommand;
    
    class CreateUser extends Command
    {
        /**
         * The name and signature of the console command.
         *
         * @var string
         */
        protected $signature = 'app:create-user';
    
        /**
         * The console command description.
         *
         * @var string
         */
        protected $description = 'Create a new user';
    
        /**
         * Execute the console command.
         */
        public function handle(): void
        {
            $email = $this->ask("What's the user's email address?");
            $first_name = $this->ask("What's the user's first name?");
            $last_name = $this->ask("What's the user's last name?");
            $password = $this->secret("What's the user's password?");
    
            if (User::firstWhere('email', $email)) {
                $this->error('User already exists with that email address!');
                exit;
            }
    
            $user = User::create([
                'email' => $email,
                'first_name' => $first_name,
                'last_name' => $last_name,
                'password' => $password
            ]);
    
            $user->assignRole('super-admin');
    
            $this->info("New user with email address '$email' was successfully created");
        }
    }
    

    AppModelsUser

    <?php
    
    use IlluminateDatabaseEloquentCastsAttribute;
    use IlluminateFoundationAuthUser as Authenticatable;
    
    class User extends Authenticable
    {
        protected function password(): Attribute
        {
            return Attribute::make(
                set: fn (string $value) => bcrypt($value)
            );
        }
    }
    

    Then you can just run:

    php artisan app:create-user
    

    from your command line and create your initial (or any subsequent) admins from there.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search