tkaratug/laravel-domain-whitelist

A domain wwhitelist checker middleware.

1.2.0 2023-02-19 15:06 UTC

This package is auto-updated.

Last update: 2024-02-19 17:09:49 UTC


README

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

Introduction

This package contains a middleware to check whether the origin domain is in the whitelist. If not it blocks the request.

Installation

You can install the package via composer:

composer require tkaratug/laravel-domain-whitelist

You can publish the config file with:

php artisan vendor:publish --provider="Tkaratug\LaravelDomainWhitelist\LaravelDomainWhitelistServiceProvider" --tag="domain-whitelist-config"

This is the contents of the published config file:

return [
    /*
    |---------------------------------------------
    | Domains to allow
    | Leave empty to allow all requests
    |---------------------------------------------
    */
    'domains' => [
        //'*.example.com',
        //'example.com',
    ],

    /*
    |---------------------------------------------
    | Paths to exclude
    |---------------------------------------------
    */
    'excludes' => [
        //'/api/posts',
    ],
];

Usage

Packages comes with DomainWhitelist middleware. You can register it in $routeMiddleware in app/Http/Kernel.php file:

protected $routeMiddleware = [
    // ...
    'domain_whitelist' => \Tkaratug\LaravelDomainWhitelist\Middlewares\DomainWhitelist::class,
];

Use the middleware in any of your routes.

Route::middleware('domain_whitelist')->get('/', [HomeController::class, 'index']);

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.