PHPackages area17/twill-http-basic-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. area17/twill-http-basic-auth ActiveLibrary[Authentication & Authorization](/categories/authentication) area17/twill-http-basic-auth ============================ A Twill Capsule to add and handle HTTP Basic Auth v2.0.4(9mo ago)39982Apache-2.0PHPPHP >=8.0 Since Jan 31Pushed 9mo ago4 watchersCompare [ Source](https://github.com/area17/twill-http-basic-auth)[ Packagist](https://packagist.org/packages/area17/twill-http-basic-auth)[ Docs](https://github.com/area17/twill-http-basic-auths)[ GitHub Sponsors](https://github.com/area17)[ RSS](/packages/area17-twill-http-basic-auth/feed)WikiDiscussions 2.x Synced 1mo ago READMEChangelogDependencies (7)Versions (9)Used By (0) HTTP Basic Auth Twill Capsule ============================= [](#http-basic-auth-twill-capsule) This Twill Capsule is intended to enable developers to configure Basic Auth on their applications. [![screenshot 1](docs/screenshot01.png)](docs/screenshot01.png) [![screenshot 2](docs/screenshot02.png)](docs/screenshot02.png) Domains ------- [](#domains) You can add as many domains as you need and configure different passwords for each. You can have the , for instance, unprotected to allow public access to it, and block access to and to only allow access to people with an account, and those that have access to the HTTP Basic Auth username and password. One config for all ------------------ [](#one-config-for-all) Once you enable the `all domains (*)` entry, the same configuration will be used for all domains available, and all other domain configurations will be hidden. Middleware ---------- [](#middleware) A middleware is automatically added to all `web` routes, but you can configure this behaviour or even disable it to configure your middleware yourself: ``` 'middleware' => [ 'automatic' => true, 'groups' => ['web'], 'class' => \A17\TwillHttpBasicAuth\Http\Middleware::class, ], ``` Using authentication -------------------- [](#using-authentication) If you don't want to share a single username and password with everyone that will access your pages, you can configure the package to allow existing users, both on Twill (CMS) and/or Laravel (frontend), to use their own passwords to pass Basic Auth. Installing ---------- [](#installing) Supported Versions ------------------ [](#supported-versions) Composer will manage this automatically for you, but these are the supported versions between Twill and this package. Twill VersionCapsule versionInstalling with Composer3.x2.xcomposer require area17/twill-http-basic-auth:"^2.0"2.x1.xcomposer require area17/twill-http-basic-auth:"^1.0"### Require the Composer package: [](#require-the-composer-package) ``` composer require area17/twill-http-basic-auth ``` ### Publish the configuration [](#publish-the-configuration) ``` php artisan vendor:publish --provider="A17\TwillHttpBasicAuth\ServiceProvider" ``` ### Load Capsule helpers by adding calling the loader to your AppServiceProvider: [](#load-capsule-helpers-by-adding-calling-the-loader-to-your-appserviceprovider) ``` /** * Register any application services. * * @return void */ public function register() { \A17\TwillHttpBasicAuth\Services\Helpers::load(); } ``` #### Configuring via the `.env` file [](#configuring-via-the-env-file) This package is disabled by default, so you must enabled it in your .env file: ``` TWILL_HTTP_BASIC_AUTH_ENABLED=true ``` You can configure credentials both via CMS settings or the on `.env` file. If you set them on `.env` the `*` domain will be enabled, all other domains hidden, and the username and password overloaded by the `.env` keys. ``` TWILL_HTTP_BASIC_AUTH_USERNAME=frontend TWILL_HTTP_BASIC_AUTH_PASSWORD=secret ``` ### Database login [](#database-login) You can configure the package to allow users pass HTTP Auth Basic with their existing email and password, by just enabling the feature on the `.env` file: ``` TWILL_HTTP_BASIC_AUTH_TWILL_DATABASE_LOGIN_ENABLED=true TWILL_HTTP_BASIC_AUTH_LARAVEL_DATABASE_LOGIN_ENABLED=true ``` ### Rate limiting [](#rate-limiting) The package will also, by default, rate limit users to max of 500 requests per minute to each domain. You can configure it using this `.env` variable: ``` TWILL_HTTP_BASIC_AUTH_RATE_LIMITING_ATTEMPTS=5 ``` By requiring users to have an enabled account in Twill (or Laravel) to access a protected website, this becomes an additional security feature. It also allows you to avoid disclosing the same username and password to everyone who is authorized to view the site. Contribute ---------- [](#contribute) Please contribute to this project by submitting pull requests. ### Health Score 38 — LowBetter than 85% of packages Maintenance55 Moderate activity, may be stable Popularity21 Limited adoption so far Community14 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 77.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~67 days Recently: every ~134 days Total 9 Last Release 299d ago Major Versions v1.0.0 → v2.0.22024-01-31 v1.0.1 → v2.0.12024-06-30 ### Community Maintainers ![](https://www.gravatar.com/avatar/d9421a69d192db597169ec3519ad3efc6a35a660e4525e2ed08f6c753b908e86?d=identicon)[AntonioCarlosRibeiro](/maintainers/AntonioCarlosRibeiro) ![](https://avatars.githubusercontent.com/u/13578874?v=4)[twill](/maintainers/twill)[@twill](https://github.com/twill) --- Top Contributors [![antonioribeiro](https://avatars.githubusercontent.com/u/3182864?v=4)](https://github.com/antonioribeiro "antonioribeiro (14 commits)")[![joyceverheije](https://avatars.githubusercontent.com/u/18153771?v=4)](https://github.com/joyceverheije "joyceverheije (4 commits)") ### Code Quality Static AnalysisPHPStan Code StylePHP CS Fixer Type Coverage Yes ### Embed Badge ![Health badge](/badges/area17-twill-http-basic-auth/health.svg) ``` [![Health](https://phpackages.com/badges/area17-twill-http-basic-auth/health.svg)](https://phpackages.com/packages/area17-twill-http-basic-auth) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[beatswitch/lock A flexible, driver based Acl package for PHP 5.4+ 870304.7k2](/packages/beatswitch-lock)[amocrm/amocrm-api-library amoCRM API Client 182728.5k6](/packages/amocrm-amocrm-api-library)[vonage/jwt A standalone package for creating JWTs for Vonage APIs 424.1M4](/packages/vonage-jwt) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)