Bypass login for localhost environment

Is there a simple way to skip the login process for localhost environment? Like, I go to http://localhost/kirby/panel/ not need to fill in the login form?

My idea was to set panel.session.lifetime to invinite (0) and increase panel.session.timeout, but this didn’t work for me …

in site/config/config.php

c::set('panel.session.lifetime', 0);
c::set('panel.session.timeout', 2160); // 36 hours

Doesn’t the session die when browser is closed? I’m hoping for a solution that works even if I restart my computer.

I bet this is a hard nut to crack.

Nice try anyway! :slight_smile:

I haven’t tested this, but can’t you fix it by creating a custom route with this url ( you can use config.localhost to only apply this logic on your dev environment, see here, under ‘multi environment options’ : http://getkirby.com/docs/advanced/options ), log the admin user in at the ‘action’ and then go('/panel') ?

Again, I didn’t test this, just thinking out loud! :slight_smile:

Edit Now that I look somewhat further in the documentation, I don’t know this will work because you need to return something, the ‘go’ in this example, but you also need to execute the ‘login’ part. Sorry :slight_smile:

2 Likes

This works for me …

c::set('routes', array(
  array(
    'pattern' => 'autologin',
    'action'  => function() {
      $username = 'YOURUSERNAME';
      $password = 'YOURPASSWORD';
      
      // Prevent access on the production system
      if(url::host() !== 'localhost') return false;
      
      $user = site()->user($username);
      if($user and $user->login($password)) {
        go('panel'); // or use go(); to redirect to the frontpage
      } else {
        echo 'invalid username or password';
        return false;
      }

    }
  )
));

Adjust $username and $password and visit http://yoursite.tld/autologin

As @gerardkd mentioned this should only be added to your local config!

1 Like

I have added a check to your code that only logs the user in on localhost to make sure. :slightly_smiling:

1 Like

How awesome is that! You are my hero of the day! :slight_smile:

1 Like

Plugin

autologin.php

Add this code to /site/plugins/autologin/autologin.php.

<?php
autologin();

function autologin() {
  // Prevent access on the production system
  if(url::host() !== c::get('autologin.host', 'localhost')) return false;

  // Add route if localhost environment
  kirby()->routes(array(
    array(
      'pattern' => c::get('autologin.route', 'autologin'),
      'action'  => function() {
        $user = site()->user( c::get('autologin.username') );
        if($user and $user->login( c::get('autologin.password') ) ) {
          go( c::get('autologin.redirect', 'panel') );
        } else {
          echo 'Invalid username or password';
          return false;
        }
      }
    )
  ));
}

config.php

Add this to your config.php.

c::set('autologin.username', 'your-username');
c::set('autologin.password', 'your-password');
c::set('autologin.redirect', 'site'); // Defaults to "panel"
c::set('autologin.route', 'slug'); // Defaults to "autologin"
c::set('autologin.host', 'host'); // Defaults to "localhost"
2 Likes

Looks great! Just a little improvement you could make:

The c::get() function accepts a default value, so you can use the following to make it even more flexible:

go(c::get('autologin.redirect', 'panel'));

The config value could then be set to any page URI or not defined to be set to panel.

1 Like

Thanks! Yes, I knew about it. Was in a hurry to get it out, I guess. Updated the code.

Custom route option added

I also added to option to add a custom route if “autologin” is not the prefered slug to use.

If you use custom hosts with Mamp or something, like ‘myproject.dev’, the if-check will always return false. If you set that as a option as well, it’s totally flexible for your dev-environment needs :slight_smile:

1 Like

Agree! I added another option to the code. Thanks!

That was great teamwork!
@jenstornell, @gerardkd, @lukasbestle
:smile:

2 Likes

Would it be ok if I add the plugin (that is much based on your code) and put it on Github? I have some ideas on more development on this thing.

I will try to add stuff to make it possible to have an autologin on a live site as well. I know it can be really dangerous with just a link to login but with some extra protection layers I hope it might work.

Ok, no problem. Maybe you can mention me/us :wink:

Sure, thanks! :slight_smile:

I don’t have a schedule for it yet so don’t sit up and wait (I’m working on my Splitview plugin right now).

…and now it has evolved into a plugin…

Github: https://github.com/jenstornell/kirby-autologin