Laravel 4 - 用于生产的MySQL用户配置

I've been doing quite a bit of research on the Laravel 4 framework and wanted to know how people configure the database user privileges for production apps.

In all the documentation I've read it all shows to use root with root privileges. Are production apps using their mySQL root login? And if not, what privileges are granted to that user?

I tried to create a database user 'dev-app' with schema privileges on the database used by the app allowing all the object and DDL privileges. Unfortunately I'm getting an "Access Denied for user ... " error message when I run 'php artisan migrate'.

Before I simply grant all to that user and keep coding, I just wanted to know how to properly set these users up in the database.

Thanks

I re-created the user and added all the permissions available to the Laravel database and all seems to work as it should. Thanks for all the tips and comments.

I usually have two user accounts and corresponding two database connections in Laravel config.

The first (default) account has minimal permissions:

enter image description here

The second account is used for migrations, configured as follows:

enter image description here

and used during migrations as follows:

  php artisan migrate --database=migrateconn

Thus your web application user will have minimal privileges for security reasons and only for deployment tasks you should use the elevated user account.

Here's a command line suitable to modify and paste into a MySQL 5 command prompt.

GRANT CREATE TEMPORARY TABLES, DELETE, EXECUTE, INSERT, LOCK TABLES, SELECT, UPDATE ON databasename.* TO 'username'@'localhost' IDENTIFIED BY 'password'

For the migrate user, a slightly larger site: GRANT ALTER, CREATE, CREATE TEMPORARY TABLES, DELETE, DROP, INDEX, INSERT, LOCK TABLES, REFERENCES, SELECT, UPDATE ON databasename.* TO 'username'@'localhost' IDENTIFIED BY 'password'

Modify where:

'databasename' is the name of your database 'username' is the username of your MySQL account 'localhost' is the server host where Laravel is installed 'password' is the password required for that username

On MySQL 8 this has to be split into 2 steps, one for creating the user and one for granting the permissions.

In general it's best to limit the permissions allowed, so this is a smaller list than some previous answers. I plan to update this if/when I find Laravel code that requires more capabilities.