einundzwanzig/einundzwanzig-portal
1
0
Fork 0
mirror of https://github.com/Einundzwanzig-Podcast/einundzwanzig-portal.git synced 2025-12-11 06:46:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

horizon secret

Browse Source
This commit is contained in:
HolgerHatGarKeineNode
2023-02-04 13:17:34 +01:00
parent 0276247de3
commit 36ce3b51f6
4 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Middleware/VerifyCsrfToken.php
View File

@@ -12,6 +12,6 @@ class VerifyCsrfToken extends Middleware
* @var array<int, string> * @var array<int, string>
*/ */
protected $except = [ protected $except = [
// 'horizon/*',
]; ];
} }

8
app/Providers/HorizonServiceProvider.php
View File

@@ -28,8 +28,12 @@ class HorizonServiceProvider extends HorizonApplicationServiceProvider
*/ */
protected function gate(): void protected function gate(): void
{ {
Gate::define('viewHorizon', function ($user) { Gate::define('viewHorizon', function ($user = null) {
return $user->hasRole('super-admin'); if (empty($user)) {
return request()->bearerToken() === config('services.horizon.secret');
} else {
return $user->hasRole('horizon-admin');
}
}); });
} }
} }

2
config/cors.php
View File

@@ -15,7 +15,7 @@ return [
| |
*/ */
'paths' => ['api/*', 'sanctum/csrf-cookie'], 'paths' => ['api/*', 'sanctum/csrf-cookie', 'horizon/*'],
'allowed_methods' => ['*'], 'allowed_methods' => ['*'],

4
config/services.php
View File

@@ -14,6 +14,10 @@ return [
| |
*/ */
'horizon' => [
'secret' => env('HORIZON_SECRET'),
],
'mailgun' => [ 'mailgun' => [
'domain' => env('MAILGUN_DOMAIN'), 'domain' => env('MAILGUN_DOMAIN'),
'secret' => env('MAILGUN_SECRET'), 'secret' => env('MAILGUN_SECRET'),