laravel, laravel-blade, scramble

How to use Scramble in production


I'm trying to document my Laravel API using the Scramble package. Locally everything works fine, but in a production environment there's a bug (a 403 error when I access the page).

I followed the documentation and added a gate (the e-mail shown here is only an example, to be on the safe side):

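// Authorization gate checked by Scramble's docs middleware outside the
// `local` environment. The closure requires a non-nullable User, so Laravel
// denies this gate for unauthenticated requests before the closure runs:
// a visitor who is not logged in through the default guard always gets a 403.
Gate::define('viewApiDocs', function (User $user) {
    // Strict comparison keeps the allowlist an exact string match, with no
    // loose-comparison type juggling in an access decision.
    // The address is the page's placeholder; list the real accounts here.
    return in_array($user->email, ['[email protected]'], true);
});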


<?php

namespace Dedoc\Scramble\Http\Middleware;

use Illuminate\Support\Facades\Gate;

/**
 * Middleware that decides who may reach the generated API documentation.
 *
 * A request passes when the application runs in the `local` environment or
 * when the `viewApiDocs` gate allows it; every other request ends in HTTP 403.
 */
class RestrictedDocsAccess
{
    /**
     * Admit the request or stop it with a 403.
     *
     * @param  mixed  $request  Incoming request, handed to $next unchanged.
     * @param  \Closure  $next  Next handler in the middleware pipeline.
     * @return mixed  Whatever $next returns for an admitted request.
     */
    public function handle($request, \Closure $next)
    {
        // `||` short-circuits, so the gate is only consulted outside `local`.
        // NOTE: a gate whose closure requires a user is denied by Laravel for
        // unauthenticated requests, which shows up here as a 403.
        $admitted = app()->environment('local') || Gate::allows('viewApiDocs');

        if ($admitted) {
            return $next($request);
        }

        // Fail closed: anything not explicitly admitted is forbidden.
        abort(403);
    }
}


//new middleware
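    /**
     * Restrict the documentation routes to an allowlisted account.
     *
     * In the `local` environment every request passes. Elsewhere the user
     * stored in the session must exist (otherwise the visitor is redirected
     * to `login`) and its e-mail must be on the allowlist (otherwise 403).
     *
     * @param  mixed  $request  Incoming request; must carry a session outside `local`.
     * @param  \Closure  $next  Next handler in the middleware pipeline.
     * @return mixed  Result of $next, or a redirect to the login page.
     */
    public function handle($request, \Closure $next)
    {
        if (app()->environment('local')) {
            return $next($request);
        }

        // Read the session only once it is needed, so the local bypass does
        // not depend on session middleware having run for this route.
        $user = $request->session()->get('user');

        if (!$user) {
            return redirect('login');
        }

        // NOTE(review): this trusts whatever the application stored under the
        // 'user' session key instead of asking the auth guard
        // ($request->user()); confirm that key is only written after a
        // successful login.
        // `?? null` plus the strict flag fail closed (403) when the session
        // value has no e-mail or is not an object. The address is the page's
        // placeholder.
        if (in_array($user->email ?? null, ["[email protected]"], true)) {
            return $next($request);
        }

        abort(403);
    }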

In the end, I'd like my documentation to work as it does in the local environment.


Solution

    1. php artisan vendor:publish
    2. Select scramble-config
    3. In config/scramble.php, replace RestrictedDocsAccess::class in the middleware section with your own middleware class

    Package middleware

    /**
     * Admit the request in the `local` environment or when the `viewApiDocs`
     * gate allows it; reject everything else with HTTP 403.
     *
     * @param  mixed  $request  Incoming request, handed to $next unchanged.
     * @param  \Closure  $next  Next handler in the middleware pipeline.
     * @return mixed  Whatever $next returns for an admitted request.
     */
    public function handle($request, \Closure $next)
    {
        // Outside `local`, the gate is the only way in. `&&` short-circuits,
        // so the gate is not evaluated at all in the local environment.
        $denied = ! app()->environment('local') && ! Gate::allows('viewApiDocs');

        if ($denied) {
            // abort() throws, so a denied request never reaches $next.
            abort(403);
        }

        return $next($request);
    }
    
    <?php
    
    namespace App\Http\Middleware;
    
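    /**
     * Application-owned access check for the API documentation routes.
     *
     * Every request passes in the `local` environment. Elsewhere only an
     * authenticated user whose e-mail is on the allowlist passes; everyone
     * else, including guests, receives HTTP 403.
     */
    class MyRestrictedDocsAccess
    {
        /**
         * @param  mixed  $request  Incoming request; user() is read from it.
         * @param  \Closure  $next  Next handler in the middleware pipeline.
         * @return mixed  Whatever $next returns for an admitted request.
         */
        public function handle($request, \Closure $next)
        {
            if (app()->environment('local')) {
                return $next($request);
            }

            // user() is null for an unauthenticated request. Reading ->email
            // on null would raise an error instead of a clean denial, so map
            // "no user" to a null e-mail that can never match the allowlist.
            $user = $request->user();
            $email = $user !== null ? $user->email : null;

            // Strict comparison: exact string match only. The address is the
            // page's placeholder; list the real accounts here.
            if (in_array($email, ['[email protected]'], true)) {
                return $next($request);
            }

            // Fail closed for guests and non-allowlisted users alike.
            abort(403);
        }
    }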
    
    
    

    config/scramble.php

        // Middleware run for the Scramble documentation routes, in order.
        'middleware' => [
            // Presumably the application's `web` group; in a default Laravel
            // install it starts the session, which $request->user() needs to
            // resolve a session-authenticated user. Verify against the app.
            'web',
            // Custom access check registered in place of the package's
            // RestrictedDocsAccess. The docs are only as protected as this
            // class makes them outside the `local` environment.
            \App\Http\Middleware\MyRestrictedDocsAccess::class,
        ],