lasthourcloud/app/Http/Middleware/ApiAllowed.php

34 lines
944 B
PHP
Raw Permalink Normal View History

2024-07-01 14:26:50 +00:00
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class ApiAllowed
{
public function handle(Request $request, Closure $next): Response
{
ray()->clearAll();
if (isCloud()) {
return $next($request);
}
2024-07-12 13:45:36 +00:00
$settings = \App\Models\InstanceSettings::get();
2024-07-01 14:26:50 +00:00
if ($settings->is_api_enabled === false) {
return response()->json(['success' => true, 'message' => 'API is disabled.'], 403);
}
if (! isDev()) {
if ($settings->allowed_ips) {
$allowedIps = explode(',', $settings->allowed_ips);
if (! in_array($request->ip(), $allowedIps)) {
return response()->json(['success' => true, 'message' => 'You are not allowed to access the API.'], 403);
}
}
}
return $next($request);
}
}