44 lines
1.1 KiB
PHP
44 lines
1.1 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
// SPDX-License-Identifier: EUPL-1.2
|
||
|
|
|
||
|
|
declare(strict_types=1);
|
||
|
|
|
||
|
|
namespace Core\Mod\Agentic\Mod\Api\Documentation\Middleware;
|
||
|
|
|
||
|
|
use Closure;
|
||
|
|
use Illuminate\Http\Request;
|
||
|
|
use Symfony\Component\HttpFoundation\Response;
|
||
|
|
|
||
|
|
class ProtectDocumentation
|
||
|
|
{
|
||
|
|
public function handle(Request $request, Closure $next): Response
|
||
|
|
{
|
||
|
|
if (! config('api-docs.enabled', true)) {
|
||
|
|
abort(404);
|
||
|
|
}
|
||
|
|
|
||
|
|
$config = config('api-docs.access', []);
|
||
|
|
$publicEnvironments = $config['public_environments'] ?? ['local', 'testing', 'staging'];
|
||
|
|
|
||
|
|
if (in_array(app()->environment(), $publicEnvironments, true)) {
|
||
|
|
return $next($request);
|
||
|
|
}
|
||
|
|
|
||
|
|
$ipWhitelist = $config['ip_whitelist'] ?? [];
|
||
|
|
if ($ipWhitelist !== []) {
|
||
|
|
if (! in_array($request->ip(), $ipWhitelist, true)) {
|
||
|
|
abort(403, 'Access denied.');
|
||
|
|
}
|
||
|
|
|
||
|
|
return $next($request);
|
||
|
|
}
|
||
|
|
|
||
|
|
if (($config['require_auth'] ?? false) && ! $request->user()) {
|
||
|
|
abort(403, 'Documentation access requires authentication.');
|
||
|
|
}
|
||
|
|
|
||
|
|
return $next($request);
|
||
|
|
}
|
||
|
|
}
|