If my Laravel app has role-based permissions where only a type of user (superadmin) has the ability to register users, how would I create that initial user?
Should I use a seeder and create the user from there? Would the password be exposed in the code (from env variable maybe?)?
Or could I create it from the command line?
2
Answers
Seeding is the way. For the password just Hash it in the same way the laravel base framework does it.
Of course, the password will be visible to those with access to your source code. Change the password when your site is up and running the first time.
Personally, I don’t like to have temporary users stored in the .env files or (god forbid) directly in the Seeder.
I have a standard issue user-creation Artisan command that I run from the command line. Note that I also use a mutator on the User model which hashes
password
by default (see bottom of answer).AppModelsUser
Then you can just run:
from your command line and create your initial (or any subsequent) admins from there.