Last active
July 2, 2022 15:30
-
-
Save blockpc/fc9f6c92114f3b5cfeb944ce1124d81f to your computer and use it in GitHub Desktop.
Middleware for development
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
declare(strict_types=1); | |
namespace App\Http\Middleware; | |
use Closure; | |
final class DevelopmentAccess | |
{ | |
/** | |
* Client IPs allowed to access the app. | |
* Defaults are loopback IPv4 and IPv6 for use in local development. | |
* | |
* @var array | |
*/ | |
protected $ipWhitelist = ['127.0.0.1', '::1']; | |
/** | |
* Environment not allowed to access the app. | |
* Environment production. | |
* | |
* @var string | |
*/ | |
protected $production = 'production'; | |
public function handle($request, Closure $next) | |
{ | |
if ( $this->isProductionEnvironment() && $this->clientNotAllowed() ) { | |
return abort(403, 'You are not authorized to access this'); | |
} | |
return $next($request); | |
} | |
/** | |
* Checks if current environment is allowed to access the app. | |
* | |
* @return boolean | |
*/ | |
protected function isProductionEnvironment() | |
{ | |
return app()->environment() != $this->production; | |
} | |
/** | |
* Checks if current request client is allowed to access the app. | |
* | |
* @return boolean | |
*/ | |
protected function clientNotAllowed() | |
{ | |
$isAllowedIP = in_array(request()->ip(), $this->ipWhitelist); | |
return !$isAllowedIP; | |
} | |
} | |
protected $routeMiddleware = [ | |
.... | |
'dev' => \App\Http\Middleware\DevelopmentAccess::class, | |
]; | |
Route::group(['middleware' => 'dev'], function() | |
{ | |
// All routes that need restricting for non-approved clients go here | |
// Or users authenticated | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment