Basic Auth For Production rap2hpoutre#294

ashokdevatwal · Jan 3, 2024 · e911ac4 · e911ac4
1 parent d09e6b5
commit e911ac4
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 0 deletions.
diff --git a/src/Rap2hpoutre/LaravelLogViewer/LaravelLogViewerServiceProvider.php b/src/Rap2hpoutre/LaravelLogViewer/LaravelLogViewerServiceProvider.php
@@ -4,6 +4,10 @@
 
 use Illuminate\Support\ServiceProvider;
 
+use Illuminate\Routing\Router;
+
+use Rap2hpoutre\LaravelLogViewer\LogViewerBasicAuthMiddleware;
+
 class LaravelLogViewerServiceProvider extends ServiceProvider
 {
     /**
@@ -29,6 +33,10 @@ public function boot()
                 __DIR__.'/../../config/logviewer.php' => $this->config_path('logviewer.php'),
             ]);
         }
+
+        $router = $this->app->make(Router::class);
+        $router->aliasMiddleware('auth.logviewer', LogViewerBasicAuthMiddleware::class);
+
     }
 
     /**

diff --git a/src/config/logviewer.php b/src/config/logviewer.php
@@ -12,4 +12,14 @@
     'max_file_size' => 52428800, // size in Byte
     'pattern'       => env('LOGVIEWER_PATTERN', '*.log'),
     'storage_path'  => env('LOGVIEWER_STORAGE_PATH', storage_path('logs')),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Basic Auth
+    |--------------------------------------------------------------------------
+    |
+    */
+
+    'username'       => env('LOGVIEWER_USERNAME', 'username'),
+    'password'       => env('LOGVIEWER_PASSWORD', 'password'),
 ];
diff --git a/src/middleware/LogViewerBasicAuthMiddleware.php b/src/middleware/LogViewerBasicAuthMiddleware.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace Rap2hpoutre\LaravelLogViewer;
+
+use Closure;
+
+use Config;
+
+class LogViewerBasicAuthMiddleware
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $username = Config::get('logviewer.username');
+        $password = Config::get('logviewer.password');
+
+        $givenUsername = $request->getUser();
+        $givenPassword = $request->getPassword();
+
+        if ($givenUsername !== $username || $givenPassword !== $password) {
+            return response('Unauthorized.', 401, ['WWW-Authenticate' => 'Basic']);
+        }
+
+        return $next($request);
+    }
+}