Security - v2.0.2
Command Reference
Complete reference for all Artisan commands provided by the ArtisanPack Security package.
Command Categories
- Security Audit & Analysis
- User Management
- Role & Permission Management
- Two-Factor Authentication
- API Token Management
- Session Management
- Password Management
- File Security
- CSP Management
- Compliance
- Maintenance & Cleanup
Security Audit & Analysis
security:audit
Run a comprehensive security audit of your application.
php artisan security:audit [options]
Options:
| Option | Description |
|---|---|
| --check=<type> | Run specific check (headers, authentication, authorization, config) |
| --format=<format> | Output format (text, json, junit, html) |
| --output=<file> | Save report to file |
| --email=<address> | Email report to address |
| --silent | Suppress console output |
| --fail-on-warning | Exit with error on warnings |
Examples:
# Full security audit
php artisan security:audit
# Specific checks only
php artisan security:audit --check=headers --check=authentication
# Generate HTML report
php artisan security:audit --format=html --output=security-report.html
# CI/CD integration (JUnit format)
php artisan security:audit --format=junit --output=results.xml --fail-on-warning
security:check-config
Verify security configuration is properly set.
php artisan security:check-config [options]
Options:
| Option | Description |
|---|---|
| --fix | Attempt to fix issues automatically |
| --env=<environment> | Check for specific environment |
Examples:
# Check configuration
php artisan security:check-config
# Check for production environment
php artisan security:check-config --env=production
# Auto-fix issues
php artisan security:check-config --fix
security:check-session
Verify session security configuration.
php artisan security:check-session
Checks:
- Session encryption status
- Session driver security
- Cookie settings (secure, httpOnly, sameSite)
security:test-headers
Test security headers on a URL.
php artisan security:test-headers [url] [options]
Arguments:
| Argument | Description |
|---|---|
| url | URL to test (default: APP_URL) |
Options:
| Option | Description |
|---|---|
| --grade | Show security grade |
| --verbose | Show detailed header analysis |
| --insecure | Skip SSL verification |
Examples:
# Test application headers
php artisan security:test-headers
# Test specific URL
php artisan security:test-headers https://example.com
# Show detailed analysis
php artisan security:test-headers --verbose --grade
security:scan-dependencies
Scan for known vulnerable dependencies.
php artisan security:scan-dependencies [options]
Options:
| Option | Description |
|---|---|
| --format=<format> | Output format (text, json) |
| --fail-on-vulnerability | Exit with error if vulnerabilities found |
security:check-user
Check security status for a specific user.
php artisan security:check-user <user> [options]
Arguments:
| Argument | Description |
|---|---|
| user | User ID or email |
Options:
| Option | Description |
|---|---|
| --severity=<level> | Filter by severity (low, medium, high, critical) |
Examples:
# Check user by ID
php artisan security:check-user 1
# Check user by email
php artisan security:check-user admin@example.com
# Show only high severity issues
php artisan security:check-user 1 --severity=high
User Management
user:create
Create a new user account.
php artisan user:create [options]
Options:
| Option | Description |
|---|---|
| --name=<name> | User's name |
| --email=<email> | User's email |
| --password=<password> | User's password |
| --role=<role> | Assign role(s) |
| --verify-email | Mark email as verified |
Examples:
# Interactive creation
php artisan user:create
# With options
php artisan user:create --name="John Doe" --email="john@example.com" --role=admin
user:assign-role
Assign a role to a user.
php artisan user:assign-role <user> <role>
Arguments:
| Argument | Description |
|---|---|
| user | User ID or email |
| role | Role name to assign |
Examples:
php artisan user:assign-role 1 admin
php artisan user:assign-role user@example.com editor
user:remove-role
Remove a role from a user.
php artisan user:remove-role <user> <role>
user:lock
Lock a user account.
php artisan user:lock <user> [options]
Options:
| Option | Description |
|---|---|
| --reason=<reason> | Reason for locking |
| --duration=<minutes> | Lock duration (0 = permanent) |
| --notify | Notify user via email |
user:unlock
Unlock a user account.
php artisan user:unlock <user> [options]
Options:
| Option | Description |
|---|---|
| --notify | Notify user via email |
Role & Permission Management
role:create
Create a new role.
php artisan role:create <name> [options]
Arguments:
| Argument | Description |
|---|---|
| name | Role name (slug) |
Options:
| Option | Description |
|---|---|
| --display-name=<name> | Human-readable name |
| --description=<desc> | Role description |
| --permissions=<perms> | Comma-separated permissions |
Examples:
php artisan role:create editor --display-name="Content Editor"
php artisan role:create moderator --permissions=edit-posts,delete-comments
role:delete
Delete a role.
php artisan role:delete <name> [options]
Options:
| Option | Description |
|---|---|
| --force | Delete even if users have this role |
role:list
List all roles.
php artisan role:list [options]
Options:
| Option | Description |
|---|---|
| --with-permissions | Show permissions for each role |
| --with-users | Show user count for each role |
permission:create
Create a new permission.
php artisan permission:create <name> [options]
Arguments:
| Argument | Description |
|---|---|
| name | Permission name (slug) |
Options:
| Option | Description |
|---|---|
| --display-name=<name> | Human-readable name |
| --description=<desc> | Permission description |
| --group=<group> | Permission group |
permission:delete
Delete a permission.
php artisan permission:delete <name>
permission:list
List all permissions.
php artisan permission:list [options]
Options:
| Option | Description |
|---|---|
| --group=<group> | Filter by group |
role:assign-permission
Assign a permission to a role.
php artisan role:assign-permission <role> <permission>
role:remove-permission
Remove a permission from a role.
php artisan role:remove-permission <role> <permission>
Two-Factor Authentication
2fa:enable
Enable 2FA for a user.
php artisan 2fa:enable <user> [options]
Arguments:
| Argument | Description |
|---|---|
| user | User ID or email |
Options:
| Option | Description |
|---|---|
| --show-qr | Display QR code in terminal |
| --notify | Send setup email to user |
2fa:disable
Disable 2FA for a user.
php artisan 2fa:disable <user> [options]
Options:
| Option | Description |
|---|---|
| --force | Disable without confirmation |
2fa:status
Check 2FA status for a user.
php artisan 2fa:status <user>
2fa:regenerate-recovery
Regenerate recovery codes for a user.
php artisan 2fa:regenerate-recovery <user> [options]
Options:
| Option | Description |
|---|---|
| --show | Display new codes |
| --email | Email codes to user |
2fa:report
Generate 2FA adoption report.
php artisan 2fa:report [options]
Options:
| Option | Description |
|---|---|
| --format=<format> | Output format (text, json, csv) |
API Token Management
token:create
Create an API token for a user.
php artisan token:create <user> <name> [options]
Arguments:
| Argument | Description |
|---|---|
| user | User ID or email |
| name | Token name |
Options:
| Option | Description |
|---|---|
| --abilities=<list> | Comma-separated abilities |
| --expires=<days> | Expiration in days |
Examples:
php artisan token:create 1 "API Access" --abilities=read,write
php artisan token:create admin@example.com "Service Token" --expires=30
token:revoke
Revoke an API token.
php artisan token:revoke <token-id>
token:list
List API tokens for a user.
php artisan token:list <user> [options]
Options:
| Option | Description |
|---|---|
| --all | Include revoked tokens |
token:cleanup
Remove expired tokens.
php artisan token:cleanup [options]
Options:
| Option | Description |
|---|---|
| --dry-run | Preview without deleting |
api:security:check
Check API security configuration and settings.
php artisan api:security:check [options]
Options:
| Option | Description |
|---|---|
| --fix | Attempt to fix issues automatically |
| --verbose | Show detailed output |
Examples:
# Check API security settings
php artisan api:security:check
# Check with detailed output
php artisan api:security:check --verbose
# Check and fix issues
php artisan api:security:check --fix
Session Management
session:terminate
Terminate sessions for a user.
php artisan session:terminate <user> [options]
Arguments:
| Argument | Description |
|---|---|
| user | User ID or email |
Options:
| Option | Description |
|---|---|
| --except-current | Keep current session |
| --all | Terminate all sessions (all users) |
session:list
List active sessions for a user.
php artisan session:list <user>
session:cleanup
Clean up expired sessions.
php artisan session:cleanup [options]
Options:
| Option | Description |
|---|---|
| --dry-run | Preview without deleting |
Password Management
password:expire
Expire password for a user (force reset).
php artisan password:expire <user> [options]
Options:
| Option | Description |
|---|---|
| --notify | Send email notification |
password:expire-all
Expire passwords for all users.
php artisan password:expire-all [options]
Options:
| Option | Description |
|---|---|
| --role=<role> | Only users with role |
| --notify | Send email notifications |
password:check-breached
Check if a password has been breached.
php artisan password:check-breached
Prompts for password input securely.
File Security
security:cleanup-files
Clean up expired/temporary files.
php artisan security:cleanup-files [options]
Options:
| Option | Description |
|---|---|
| --days=<days> | Files older than N days (default: 30) |
| --only-infected | Clean only infected files |
| --dry-run | Preview without deleting |
Examples:
# Clean files older than 30 days
php artisan security:cleanup-files --days=30
# Preview cleanup
php artisan security:cleanup-files --dry-run
# Clean only infected files
php artisan security:cleanup-files --only-infected
security:scan-quarantine
Scan quarantined files for malware.
php artisan security:scan-quarantine [options]
Options:
| Option | Description |
|---|---|
| --limit=<count> | Maximum files to scan (default: 100) |
| --delete-infected | Automatically delete infected files |
Examples:
# Scan quarantined files
php artisan security:scan-quarantine
# Scan with custom limit
php artisan security:scan-quarantine --limit=50
# Scan and delete infected files
php artisan security:scan-quarantine --delete-infected
CSP Management
security:generate-csp
Generate a CSP policy interactively.
php artisan security:generate-csp [options]
Options:
| Option | Description |
|---|---|
| --template=<name> | Use template (strict, relaxed) |
| --preset=<presets> | Add presets (google-analytics, stripe) |
| --output=<file> | Save to file |
security:csp:test
Test CSP policy configuration.
php artisan security:csp:test [url] [options]
Arguments:
| Argument | Description |
|---|---|
| url | URL to test (default: APP_URL) |
Options:
| Option | Description |
|---|---|
| --validate | Validate policy syntax |
| --audit | Check for common issues |
Examples:
# Test CSP on application URL
php artisan security:csp:test
# Test specific URL
php artisan security:csp:test https://example.com
# Validate and audit
php artisan security:csp:test --validate --audit
csp:violations
Manage CSP violations.
php artisan csp:violations [options]
Options:
| Option | Description |
|---|---|
| --summary | Show violation summary |
| --export=<file> | Export to file |
| --clear | Clear old violations |
| --older-than=<days> | For --clear, specify age |
csp:analyze
Analyze CSP violations and suggest improvements.
php artisan csp:analyze
Compliance
compliance:cleanup
Run data retention cleanup.
php artisan compliance:cleanup [options]
Options:
| Option | Description |
|---|---|
| --type=<type> | Clean specific data type |
| --dry-run | Preview without deleting |
| --force | Ignore schedule |
compliance:report
Generate compliance reports.
php artisan compliance:report <type> [options]
Arguments:
| Argument | Description |
|---|---|
| type | Report type (gdpr, consent, audit, retention) |
Options:
| Option | Description |
|---|---|
| --period=<period> | Time period (7d, 30d, 90d) |
| --from=<date> | Start date |
| --to=<date> | End date |
| --format=<format> | Output format (text, json, pdf, csv) |
| --output=<file> | Save to file |
| --email=<address> | Email report |
compliance:export-user
Export user data (GDPR data portability).
php artisan compliance:export-user <user> [options]
Options:
| Option | Description |
|---|---|
| --output=<dir> | Output directory |
| --format=<format> | Format (json, csv, zip) |
compliance:process-erasures
Process pending account deletion requests.
php artisan compliance:process-erasures
compliance:status
Check overall compliance status.
php artisan compliance:status
compliance:processing-activities
List data processing activities.
php artisan compliance:processing-activities
Maintenance & Cleanup
security:clear-cache
Clear security-related caches.
php artisan security:clear-cache [options]
Options:
| Option | Description |
|---|---|
| --roles | Clear role/permission cache |
| --sessions | Clear session cache |
| --all | Clear all security caches |
security:metrics
View security metrics.
php artisan security:metrics [options]
Options:
| Option | Description |
|---|---|
| --period=<period> | Time period |
| --type=<type> | Metric type |
security:metrics-cleanup
Clean up old metrics data.
php artisan security:metrics-cleanup [options]
Options:
| Option | Description |
|---|---|
| --days=<days> | Delete data older than N days |
| --dry-run | Preview without deleting |
security:threats
View current threat status.
php artisan security:threats [options]
Options:
| Option | Description |
|---|---|
| --active | Show only active threats |
security:alerts
Manage security alerts.
php artisan security:alerts [options]
Options:
| Option | Description |
|---|---|
| --unacknowledged | Show only unacknowledged |
| --acknowledge=<id> | Acknowledge an alert |
security:test-alerts
Test alert channels.
php artisan security:test-alerts [options]
Options:
| Option | Description |
|---|---|
| --channel=<channel> | Test specific channel |
security:report
Generate security reports.
php artisan security:report <type> [options]
Arguments:
| Argument | Description |
|---|---|
| type | Report type (summary, authentication, threats, api) |
Options:
| Option | Description |
|---|---|
| --period=<period> | Time period |
| --format=<format> | Output format |
| --email=<address> | Email report |