From 36ce3b51f635257e59d65432d7f110a1546f6ee0 Mon Sep 17 00:00:00 2001
From: HolgerHatGarKeineNode
Date: Sat, 4 Feb 2023 13:17:34 +0100
Subject: [PATCH] horizon secret
---
 app/Http/Middleware/VerifyCsrfToken.php | 2 +-
 app/Providers/HorizonServiceProvider.php | 8 ++++++--
 config/cors.php | 2 +-
 config/services.php | 4 ++++
 4 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php
index 9e865217..4e5ab298 100644
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -12,6 +12,6 @@ class VerifyCsrfToken extends Middleware
 * @var array
 */
 protected $except = [
- //
+ 'horizon/*',
 ];
 }
diff --git a/app/Providers/HorizonServiceProvider.php b/app/Providers/HorizonServiceProvider.php
index b8029941..4ced6f41 100644
--- a/app/Providers/HorizonServiceProvider.php
+++ b/app/Providers/HorizonServiceProvider.php
@@ -28,8 +28,12 @@ class HorizonServiceProvider extends HorizonApplicationServiceProvider
 */
 protected function gate(): void
 {
- Gate::define('viewHorizon', function ($user) {
- return $user->hasRole('super-admin');
+ Gate::define('viewHorizon', function ($user = null) {
+ if (empty($user)) {
+ return request()->bearerToken() === config('services.horizon.secret');
+ } else {
+ return $user->hasRole('horizon-admin');
+ }
 });
 }
 }
diff --git a/config/cors.php b/config/cors.php
index 8a39e6da..65519f41 100644
--- a/config/cors.php
+++ b/config/cors.php
@@ -15,7 +15,7 @@ return [
 |
 */
- 'paths' => ['api/*', 'sanctum/csrf-cookie'],
+ 'paths' => ['api/*', 'sanctum/csrf-cookie', 'horizon/*'],
 'allowed_methods' => ['*'],
diff --git a/config/services.php b/config/services.php
index 1ae9ffd2..4c45fdea 100644
--- a/config/services.php
+++ b/config/services.php
@@ -14,6 +14,10 @@ return [
 |
 */
+ 'horizon' => [
+ 'secret' => env('HORIZON_SECRET'),
+ ],
+
 'mailgun' => [
 'domain' => env('MAILGUN_DOMAIN'),
 'secret' => env('MAILGUN_SECRET'),
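Review bot: Adding `'horizon/*'` to `$except` turns CSRF verification off for every Horizon route, including for users the `viewHorizon` gate admits through their browser session rather than through the bearer token. Laravel's CSRF middleware already lets read requests (GET/HEAD/OPTIONS) through, so the exemption only matters for Horizon's write routes; if the token client only reads, the entry can stay `//`, and if it has to write, a comment such as `// Bearer-token clients only; browser sessions lose CSRF protection on these routes` should record the trade-off. The `config/cors.php` hunk widens the same surface by adding `'horizon/*'` to `paths` next to `'allowed_methods' => ['*']`; `allowed_origins` is outside that hunk, so confirm it is limited to the origin that actually needs the dashboard API. The class body starts outside this hunk.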
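Review bot: The guest branch of the `viewHorizon` closure returns true when both sides are null: `request()->bearerToken()` is null when no `Authorization: Bearer` header is sent, and `config('services.horizon.secret')` is null whenever `HORIZON_SECRET` is unset, because the `config/services.php` hunk calls `env('HORIZON_SECRET')` with no default. In that state any unauthenticated visitor passes the gate, and an empty `HORIZON_SECRET=` behaves the same way for an empty token. Require a non-empty secret and token and compare them in constant time, e.g. `$secret = config('services.horizon.secret'); $token = request()->bearerToken();` followed by `return is_string($secret) && $secret !== '' && is_string($token) && hash_equals($secret, $token);`. A one-line comment on the branch saying that guests are admitted only with the shared secret would also help the next reader.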