Reputation: 437
Laravel Api -> restrict Telescope on production
I developed a laravel API and installed laravel telescope. I want to restrict telescope on prod server, but I don't know how to do it. Solution I found is with Gate, but not working. So my idea is how to restrict route only to specific people (1 or 2). Now all users have access to /telescope.
Gate::define('viewTelescope', function ($user) {
return in_array($user->email, [
//emails
]);
});
Upvotes: 0
Views: 1889
Answers (2)
Reputation: 168
you can also limit access to telescope by user id:
in app\Providers\TelescopeServiceProvider.php
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return in_array($user->id, [2,10,57,128,]);
});
}
then add this code to config/telescope.php
'watchers' => [
.
.
.
Watchers\GateWatcher::class => [
'enabled' => env('TELESCOPE_GATE_WATCHER', true),
'ignore_abilities' => [],
'ignore_packages' => true,
],
.
.
.
],
this works just in production mode.
at the end should be noted(based on laravel docs):
You should ensure you change your APP_ENV environment variable to production in your production environment. Otherwise, your Telescope installation will be publicly available.
Upvotes: 0
Reputation: 41
Most probably you must have set the environment to local in the .env file of the server.
so just change APP_ENV=production in your server .env file
hope this helps for anyone looking for the answer.
Upvotes: 1
Related Questions
- Can not get access to Telescope dashboard
- Laravel Telescope - 403 Forbidden
- Laravel Telescope 403 production
- Laravel Telescope hide Nova requests
- Laravel - Protect API routes
- What is the easiest way to protect api routing in laravel5.4
- Middleware not restricting the routes using laravel 5.4.6
- Laravel API - protecting route access
- What is the best way to configure route restriction in PHP Laravel 5?
- How to restrict routes in Laravel 4?