A .env replacement for storing your production credentials in your Laravel application


Today I published the latest open source package under the Beyond Code GitHub account. It's called laravel-credentials.

The package allows you to store all your production-related credentials in an encrypted file and put that file into version control instead of having to add multiple credentials into your .env file on your production system.

This process has a couple of benefits compared to the traditional way of storing your production credentials in your .env file:

  • Your credentials are encrypted. No one will be able to read your credentials without the key.
  • The encrypted credentials are saved in your repository. You'll have a history of the changes and who made them.
  • You can deploy credentials together with your code.
  • All secrets are in one location. Instead of managing multiple environment variables, everything is in one file.

Here's how you can access your stored credentials:

$secret = credentials('my-secret-credentials');

Since all your credentials are now stored in an encrypted file, it's not possible to edit this file in your IDE, at least not that easily. That's why the package includes a built-in edit command that decrypts the data and opens it in an editor for you. After you save the file, the content is encrypted again and stored in your credentials file.

Here you can see it in action:

php artisan credentials:edit


You can find the source code of the package on GitHub at https://github.com/beyondcode/laravel-credentials.
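
The decrypt, edit, re-encrypt cycle described above, and what a reader of the repository without the key gets, shown with PHP's OpenSSL functions. This is an added illustration, not code from laravel-credentials; the cipher (AES-256-GCM), the JSON layout, and the function names `seal`, `unseal` and `edit` are assumptions.

```php
<?php
// Added illustration, not laravel-credentials source. Cipher choice, JSON layout
// and all function names are assumptions made for this example.

function seal(array $credentials, string $key): string
{
    $iv = random_bytes(12);                       // fresh nonce for every save
    $ct = openssl_encrypt(json_encode($credentials), 'aes-256-gcm', $key,
                          OPENSSL_RAW_DATA, $iv, $tag);
    return base64_encode($iv . $tag . $ct);       // this blob is what gets committed
}

function unseal(string $blob, string $key): array
{
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 28) {    // 12-byte nonce + 16-byte tag
        throw new RuntimeException('credentials file is malformed');
    }
    $pt = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key,
                          OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
    if ($pt === false) {                          // wrong key or modified file
        throw new RuntimeException('decryption failed: wrong key or tampered file');
    }
    return json_decode($pt, true, 512, JSON_THROW_ON_ERROR);
}

// The edit cycle: decrypt, apply the change, encrypt again.
function edit(string $blob, string $key, callable $change): string
{
    return seal($change(unseal($blob, $key)), $key);
}

$key  = random_bytes(32);                         // constructed key; the real one stays out of the repo
$blob = seal(['my-secret-credentials' => 'constructed-value'], $key);
$blob = edit($blob, $key, function (array $c) {
    $c['api-token'] = 'constructed-token';
    return $c;
});

print_r(array_keys(unseal($blob, $key)));         // key holder can read the entries back

try {
    unseal($blob, random_bytes(32));              // repository access without the key
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

Because the encrypted file travels with the code, the key is the only secret left to protect: it has to be delivered to production separately and never committed alongside the file.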