Skip to content
/ laravel-route-restrictor Public

🚫 Laravel middleware to restrict a site or specific routes using HTTP basic authentication

License

LGPL-3.0 license
5 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DivineOmega/laravel-route-restrictor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
src
src
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

🚫 Laravel Route Restrictor

Laravel Route Restrictor is a middleware package designed to restrict a entire site or specific routes using HTTP basic authentication. It is compatible with Laravel 5.1 and above.

Setup

  1. Run composer require divineomega/laravel-route-restrictor.
  2. Add DivineOmega\LaravelRouteRestrictor\Providers\LaravelRouteRestrictorServiceProvider::class to the $providers array in your config/app.php file.
  3. Run php artisan vendor:publish --provider="DivineOmega\LaravelRouteRestrictor\Providers\LaravelRouteRestrictorServiceProvider".
  4. Add \DivineOmega\LaravelRouteRestrictor\Http\Middleware\BasicAuthentication::class to the $middleware array in your app/Http/Kernel.php file.
  5. Add 'routeRestrictor' => \DivineOmega\LaravelRouteRestrictor\Http\Middleware\BasicAuthentication::class to the $routeMiddleware array in your app/Http/Kernel.php file.
  6. Add RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}] immediately below RewriteEngine On in your public/.htaccess file. This is required for web servers that are configured to use CGI as their PHP handler.

Global restriction

In order to restrict all routes in your Laravel application, just add the global username and password to your .env file as follows. Ensure you change the username and password values.

ROUTE_RESTRICTOR_GLOBAL_USERNAME=username
ROUTE_RESTRICTOR_GLOBAL_PASSWORD=password

Your entire application will then be protected by these details, unless a route specific restriction is in place.

Alternatively, you can modify the global restriction username and password in your config/laravel-route-restrictor.php configuration file.

Restricting specific routes

To restrict specific routes, you must edit your routes file. Simply surround the route or routes you want to restrict with the following route group code. Ensure you change the username and password middleware parameters.

Route::group(['middleware' => 'routeRestrictor:username,password'], function () {
    // Route(s) to restrict go here
});

Note: If you have both route specific restrictions and a global restriction, both will work, but route specific restrictions will take priority.

Excluding specific routes from restriction

If you wish to exclude one or more routes from restriction, you must edit your routes file. Simply surround the route or routes you want to exclude with the following route group code.

Route::group(['middleware' => 'routeRestrictor:disable'], function () {
    // Route(s) to exclude from restriction go here
});

About

🚫 Laravel middleware to restrict a site or specific routes using HTTP basic authentication

Topics

middleware laravel routing basic-authentication laravel-5-package laravel-middleware

Resources

Readme

License

LGPL-3.0 license
Activity

Stars

5 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases 15

v2.3.1 Latest
Sep 9, 2019
+ 14 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages