Introducing an Extra Security Layer to Laravel Nova

Published on by Dasun Tharanga

2 min read

โœจ How It Works

The package works by adding a middleware to Nova's routing system. When a request is made to access the admin panel, the middleware checks if the provided secret key matches the one set in the .env file. If the secret key matches, the request is allowed, and the admin panel is accessible. Otherwise, a 404 page is displayed, indicating that access is restricted.

๐Ÿ“ฆ Installation

To get started, you'll need to install the "Nova Access Secret" package via Composer. Open your terminal and run the following command:

1composer require dasundev/nova-access-secret

If you wish to customize the configuration options, you can publish the package's config file using the following command:

1php artisan vendor:publish --tag="nova-access-secret-config"

๐Ÿ‘ฉโ€๐Ÿ’ป Usage

Once you've installed the package, open your .env file and add the following key-value pair:


Replace secret with the desired secret key you want to use. This secret key will serve as the access token to Nova.

To access Nova, you need to append the secret key to the Nova URL. Here's an example:


By including the secret key in the URL, you ensure that only users who have the correct access token can access the Nova admin panel.

๐Ÿšซ Disabling Secret Access

If you want to disable the secret access temporarily or permanently, you have two options:

  1. Keep the NOVA_ACCESS_SECRET_KEY value empty in your .env file.
  2. Delete the NOVA_ACCESS_SECRET_KEY key from the .env file.

Either of these options will disable the secret access requirement, allowing anyone to access the Nova admin panel without providing a secret key.

๐Ÿ˜€ Conclusion

Adding an access secret to your Nova installation provides an additional layer of security, ensuring that only authorized users can access the admin panel. With the "Nova Access Secret" package, you can easily require a secret key in the URL to secure your Nova access. By following the installation and usage instructions outlined in this blog post, you can enhance the security of your Nova-powered application and protect sensitive data.

Remember, security is crucial, and taking proactive steps to safeguard your admin panel is a wise decision.

Stay secure and enjoy using Nova! ๐Ÿ’›

Get notified for the next blog post? Sign up for the newsletter.