stauth/laravel-stauth

Staging server athorization package, .htaccess alternative

Maintainers

Details

github.com/stauth/laravel-stauth

Source

Issues

Installs: 1 241

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 0

Open Issues: 0

0.0.7 2017-11-09 14:08 UTC

Requires

MIT 11b75675b1bce0b64483021332b075a999480c19

This package is not auto-updated.

Last update: 2024-04-12 22:23:39 UTC

README

Latest Stable Version Total Downloads License composer.lock available

Staging server athorization package, alternative for .htaccess, register at stauth.io

Installation

composer require stauth/laravel-stauth

Local and staging

If you don't want Stauth service provider to be exeuted at production environment, create StauthProtectionServiceProvider

namespace App\Providers;

use Illuminate\Support\ServiceProvider;
use Stauth\StauthServiceProvider;

class StauthProtectionServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     *
     * @return void
     */
    public function register()
    {
        if ($this->app->environment('local', 'staging')) {
            $this->app->register(StauthServiceProvider::class);
        }
    }
}

And add it to config/app.php below AppServiceProvider:

'providers' => [

        /**
         * Stauth app access protection
         */
        App\Providers\StauthProtectionServiceProvider::class,     
],

Production

If you don't mind Stauth service provider being executed at production environment, or you want to protect your production env, add it directly at providers array in config/app.php.

'providers' => [

        /**
         * Staging access control
         */
        Stauth\StauthServiceProvider::class,        
],

Add Stauth middleware in app/Http/Kernel.php, it is very important that StauthProtection is above any response cache extension middleware like laravel-responsecache:

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
   
        'web' => [
            ...
            \Stauth\Middleware\StauthProtection::class,
    ],

Generate access token at stauth.io and add it as a STAUTH_ACCESS_TOKEN param in .env file:

STAUTH_ACCESS_TOKEN=verylongchainoflettersmixedwithsomerandomnumbers123

By default protected environment is staging, in order to change this, add STAUTH_PROTECTED_ENV param in .env file:

STAUTH_PROTECTED_ENV=local

Other

If you want to know or do more, read below.

Publish configuration

You can publish configuration and update required params in php file:

php artisan vendor:publish --provider="Stauth\StauthServiceProvider" --tag=config

Cache

Please keep in mind that this package takes adventage of csrf_token, therefore it is important to exclude both routes /stauth/protected and /stauth/authorize from any response caching engines.