genaker/free-admin

Magento 2 module that allows free admin login when env.php backend => auth = false

Maintainers

Details

github.com/Genaker/FreeAdmin

Source

Issues

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 0

Type:magento2-module

5 2025-08-20 08:18 UTC

Requires

  • magento/framework: >=103.0.0
  • magento/module-backend: >=100.0.0
  • magento/module-user: >=100.0.0

MIT 634fb662d056c19f35826926c3decd3e1ff937f9

  • Genaker <egorshitikov.woop@gmail.com>

This package is auto-updated.

Last update: 2025-08-20 08:21:00 UTC

README

Overview

This module allows free admin login when the Magento_Backend module is disabled in app/etc/config.php.

How It Works

The module uses a before plugin on Magento\Backend\Model\Auth::login() method to:

  1. Security Check: Never bypass authentication in production mode
  2. Check if Magento_Backend module is disabled using Magento's ModuleList and DeploymentConfig classes
  3. If disabled AND not in production mode, bypass normal authentication by:
    • First trying to find admin user by the provided email/username
    • If not found, falling back to the first available admin user
  4. If enabled or in production mode, proceed with normal authentication

Installation

Method 1: Manual Installation

  1. Copy the module to app/code/Genaker/FreeAdmin/
  2. Enable the module: 
    php bin/magento module:enable Genaker_FreeAdmin
  3. Run setup: 
    php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento cache:flush

Method 2: Composer Installation

  1. Add the module to your project's composer.json: 
    {
    "repositories": [
        {
            "type": "path",
            "url": "app/code/Genaker/FreeAdmin"
        }
    ]
}
  2. Install via Composer: 
    composer require genaker/free-admin:1.0.0
  3. Run setup: 
    php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento cache:flush

Usage

To Enable Free Admin Access:

  1. Set backend/auth to false in your deployment configuration (e.g., app/etc/env.php):
'backend' => [
    'auth' => false
],
  1. Clear caches:
php bin/magento cache:flush
  1. Now any username/password combination will work for admin login

To Disable Free Admin Access:

  1. Set backend/auth to true or remove the configuration in your deployment configuration:
'backend' => [
    'auth' => true
],
  1. Clear caches:
php bin/magento cache:flush

Security Warning

⚠️ IMPORTANT: This module is for development/testing purposes only.

  • Never bypasses authentication in production mode - additional safety measure
  • It bypasses authentication when enabled by using existing admin users
  • Requires at least one admin user to exist in the system
  • Only works in development or default modes

Module Structure

Genaker/FreeAdmin/
├── Plugin/
│   └── Backend/
│       └── Model/
│           └── Auth/
│               └── SimpleLoginPlugin.php
├── etc/
│   ├── di.xml
│   └── module.xml
├── composer.json
├── registration.php
└── README.md

Troubleshooting

Module Not Working

  1. Check if module is enabled: php bin/magento module:status Genaker_FreeAdmin
  2. Verify plugin is loaded: php bin/magento setup:di:compile
  3. Clear caches: php bin/magento cache:flush

Customization

To modify the authentication bypass logic, edit SimpleLoginPlugin.php in the beforeLogin method.

Support

For issues or questions, check the module logs or contact the development team.