README

Laravel Access Guard is a robust package to add access restrictions to specific routes in your Laravel application. It supports authentication through email and IP-based access controls, with OTP verification and browser session management.

Features

Access control based on email and IP.
OTP verification for enhanced security.
Configurable session expiration time.
Flexible browser session tracking.
Easy-to-use middleware for access verification.

Installation

You can install the package via Composer:

composer require sharq-labs/laravel-access-guard

run the migrations:

php artisan migrate

Publish the configuration file:

php artisan vendor:publish --tag="laravel-access-guard-config"

Usage

Add the VerifyAccess middleware to routes that need access restrictions:

php

use Sharqlabs\LaravelAccessGuard\Http\Middleware\VerifyAccess;

Route::middleware([VerifyAccess::class])->group(function () {
    Route::get('/protected-route', [ProtectedController::class, 'index']);
});

Usage in Laravel Project

After installing your package in a Laravel project, use the following commands:

Add Domain:

php artisan access-guard:add-domain --domain=google.com

Add Email:

 php artisan access-guard:add-record --email="user@example.com"

Show Whitelisted Email

php artisan access-guard:show-whitelisted

Remove Whitelisted IP

php artisan access-guard:remove-whitelisted --email="user@example.com"

Environment Variables Configuration

This document provides details on the environment variables used for configuring the system.

Session Configuration

Variable	Description	Default Value
`SESSION_TOKEN_EXPIRY_DAYS`	Defines the session token expiration in days.	`7`

OTP (One-Time Password) Configuration

Variable	Description	Default Value
`OTP_EXPIRES_IN_MINUTES`	Specifies the OTP expiration time in minutes.	`10`

Rate Limiting Configuration

Variable	Description	Default Value
`ACCESS_GUARD_RATE_LIMIT_REQUESTS`	Maximum number of requests allowed within the rate-limit window.	`500`
`ACCESS_GUARD_RATE_LIMIT_RESET_INTERVAL`	Duration (in minutes) for the rate-limit to reset.	`1`

Session Driver Configuration

Variable	Description	Default Value
`ACCESS_GUARD_SESSION_DRIVER`	Session driver used for Access Guard.	`file`

Notification Email Settings

Variable	Description	Default Value
`ACCESS_GUARD_NOTIFICATION_EMAILS`	Comma-separated list of recipient email addresses for notifications.	`""` (empty string)
`ACCESS_GUARD_ERROR_NOTIFICATIONS_ENABLED`	Enable or disable error notifications.	`false`
`ACCESS_GUARD_VERIFY_EMAIL_ENABLED`	Enable or disable email verification notifications.	`false`

Basic Auth Authentication Settings

| Variable                   | Description                                       | Default Value |
|----------------------------|---------------------------------------------------|---------------|
| `ACCESS_GUARD_USERNAME`    | The username used for Basic Authentication.       | `admin`       |
| `ACCESS_GUARD_PASSWORD`    | The password used for Basic Authentication.       | `secret`      |

Notes:

Ensure these variables are set in your .env file for proper configuration.
Default values are provided as a guideline and can be adjusted to meet specific application needs.
Use descriptive comments in your .env file for better readability and maintenance.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

sharq-labs

License

The MIT License (MIT). Please see License File for more information.

sharq-labs / laravel-access-guard

Maintainers

Details