divineomega / laravel-route-restrictor
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
Fund package maintenance!
DivineOmega
Installs: 4 413
Dependents: 1
Suggesters: 0
Security: 0
Stars: 5
Watchers: 4
Forks: 3
Open Issues: 0
Requires
- php: >=5.5.9
- laravel/framework: ^5.1|^6.0
README
Laravel Route Restrictor is a middleware package designed to restrict a entire site or specific routes using HTTP basic authentication. It is compatible with Laravel 5.1 and above.
Setup
- Run
composer require divineomega/laravel-route-restrictor
. - Add
DivineOmega\LaravelRouteRestrictor\Providers\LaravelRouteRestrictorServiceProvider::class
to the$providers
array in yourconfig/app.php
file. - Run
php artisan vendor:publish --provider="DivineOmega\LaravelRouteRestrictor\Providers\LaravelRouteRestrictorServiceProvider"
. - Add
\DivineOmega\LaravelRouteRestrictor\Http\Middleware\BasicAuthentication::class
to the$middleware
array in yourapp/Http/Kernel.php
file. - Add
'routeRestrictor' => \DivineOmega\LaravelRouteRestrictor\Http\Middleware\BasicAuthentication::class
to the$routeMiddleware
array in yourapp/Http/Kernel.php
file. - Add
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}]
immediately belowRewriteEngine On
in yourpublic/.htaccess
file. This is required for web servers that are configured to use CGI as their PHP handler.
Global restriction
In order to restrict all routes in your Laravel application, just add the global username and password to your .env
file as follows. Ensure you change the username
and password
values.
ROUTE_RESTRICTOR_GLOBAL_USERNAME=username
ROUTE_RESTRICTOR_GLOBAL_PASSWORD=password
Your entire application will then be protected by these details, unless a route specific restriction is in place.
Alternatively, you can modify the global restriction username and password in your config/laravel-route-restrictor.php
configuration file.
Restricting specific routes
To restrict specific routes, you must edit your routes file. Simply surround the route or routes you want to restrict with the following route group code. Ensure you change the username
and password
middleware parameters.
Route::group(['middleware' => 'routeRestrictor:username,password'], function () { // Route(s) to restrict go here });
Note: If you have both route specific restrictions and a global restriction, both will work, but route specific restrictions will take priority.
Excluding specific routes from restriction
If you wish to exclude one or more routes from restriction, you must edit your routes file. Simply surround the route or routes you want to exclude with the following route group code.
Route::group(['middleware' => 'routeRestrictor:disable'], function () { // Route(s) to exclude from restriction go here });