Skip to content

Commit 09667f7

Browse files
author
HungNA - Technical Manager
committed
Add BasicAuthWithCors
1 parent 73b11b7 commit 09667f7

File tree

4 files changed

+89
-1
lines changed

4 files changed

+89
-1
lines changed

config/config.php renamed to config/config-laravel-basic-auth.php

File renamed without changes.

config/config-laravel-basic-cors.php

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
<?php
2+
3+
return [
4+
'accept_from_url' => env('APP_CORS_ACCEPT_FROM'),
5+
];

src/LaravelBasicAuthServiceProvider.php

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,9 +14,13 @@ class LaravelBasicAuthServiceProvider extends ServiceProvider
1414
public function boot()
1515
{
1616
$this->mergeConfigFrom(
17-
__DIR__ . '/../config/config.php',
17+
__DIR__ . '/../config/config-laravel-basic-auth.php',
1818
'laravel-basic-auth'
1919
);
20+
$this->mergeConfigFrom(
21+
__DIR__ . '/../config/config-laravel-basic-cors.php',
22+
'laravel-basic-cors'
23+
);
2024
}
2125

2226
/**

src/Middleware/BasicAuthWithCors.php

Lines changed: 79 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
<?php
2+
3+
namespace nguyenanhung\Laravel\BasicAuth\Middleware;
4+
5+
use Closure;
6+
use Illuminate\Http\JsonResponse;
7+
use Illuminate\Http\Request;
8+
use Symfony\Component\HttpFoundation\Response;
9+
10+
class BasicAuthWithCors
11+
{
12+
protected $addDomainPassCors = [];
13+
protected $defaultDomainPassCors = [
14+
'localhost.test'
15+
];
16+
protected $defaultDomain = 'localhost.test';
17+
protected $overrideErrorResponse = false;
18+
19+
protected function patternDomain($domain = ''): string
20+
{
21+
if (empty($domain)) {
22+
$domain = $this->defaultDomain;
23+
}
24+
$domain = str_replace('.', '\.', $domain);
25+
$domain = trim($domain);
26+
return '/^(https?:\/\/)?([a-zA-Z0-9-]+\.)*' . $domain . '\/?/';
27+
}
28+
29+
protected function acceptRequestRestful($origin, Request $request, Closure $next)
30+
{
31+
return $next($request)
32+
->header('Access - Control - Allow - Origin', $origin)
33+
->header('Access - Control - Allow - Methods', 'GET, POST, PUT, DELETE, OPTIONS')
34+
->header('Access - Control - Allow - Headers', 'Content - Type, Authorization');
35+
}
36+
37+
protected function errorResponse(): JsonResponse
38+
{
39+
$response = [
40+
'error' => 'Cors Error'
41+
];
42+
return response()->json($response, Response::HTTP_INTERNAL_SERVER_ERROR);
43+
}
44+
45+
/**
46+
* @param Request $request
47+
* @param Closure $next
48+
* @return mixed
49+
*/
50+
public function handle(Request $request, Closure $next)
51+
{
52+
$origin = $request->header('Origin');
53+
$defaultListDomainCors = $this->defaultDomainPassCors;
54+
55+
// Add from Config
56+
$acceptCorsUrl = config('laravel-basic-cors.accept_from_url');
57+
if (!empty($acceptCorsUrl)) {
58+
$acceptListDomainCors = array_merge_recursive($defaultListDomainCors, explode(',', $acceptCorsUrl));
59+
$acceptListDomainCors = array_unique($acceptListDomainCors);
60+
} else {
61+
$acceptListDomainCors = $defaultListDomainCors;
62+
}
63+
64+
if (!empty($this->addDomainPassCors) && is_array($this->addDomainPassCors)) {
65+
$listDomainCors = array_merge_recursive($acceptListDomainCors, $this->addDomainPassCors);
66+
} else {
67+
$listDomainCors = $acceptListDomainCors;
68+
}
69+
$listDomainCors = array_unique($listDomainCors);
70+
71+
foreach ($listDomainCors as $domain) {
72+
if ($origin && preg_match($this->patternDomain($domain), $origin)) {
73+
return $this->acceptRequestRestful($origin, $request, $next);
74+
}
75+
}
76+
77+
return $this->errorResponse();
78+
}
79+
}

0 commit comments

Comments
 (0)