LoginSignup
1
1

More than 3 years have passed since last update.

Add IP filtering on Laravel-Admin using Middleware

Posted at

Introduction

There are lots of post which introduces become accessible from only specific IP with Laravel.
However I couldn't find it adopt to Laravel-admin.

That's why I've noted here how to do it.

Flow

  1. Generate Middleware
  2. Edit Middleware
  3. Add Middleware to Kernel
  4. Edit config file
  5. Trust all proxy (If you use loadbalancer)

Code

1. Generate Middleware

$ php artisan make:middleware CheckIpMiddleware

2. Edit Middleware

app/Http/Middleware/CheckIpMiddleware.php

<?php

namespace App\Http\Middleware;

use Closure;

class CheckIpMiddleware
{
    public $whiteIps = ['xxx.xxx.xxx.xx'];

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $ip = self::getIp();
        if (!in_array($request->ip(), $this->whiteIps)) {
            abort('404');
        }

        return $next($request);
    }

    private function getIp(){
        foreach (array(
            'HTTP_CLIENT_IP',
            'HTTP_X_FORWARDED_FOR',
            'HTTP_X_FORWARDED',
            'HTTP_X_CLUSTER_CLIENT_IP',
            'HTTP_FORWARDED_FOR',
            'HTTP_FORWARDED',
            'REMOTE_ADDR'
        ) as $key){
            if (array_key_exists($key, $_SERVER) === true){
                foreach (explode(',', $_SERVER[$key]) as $ip){
                    $ip = trim($ip);
                    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE || FILTER_FLAG_NO_RES_RANGE) !== false){
                        return $ip;
                    }
                }
            }
        }
    }
}

3. Add Middleware to Kernel

app/Http/Kernel.php
    protected $routeMiddleware = [
        ...
        'checkIp' => \App\Http\Middleware\CheckIpMiddleware::class,
    ];

4. Edit config file

config/admin.php
    /*
    |--------------------------------------------------------------------------
    | Laravel-admin route settings
    |--------------------------------------------------------------------------
    |
    | The routing configuration of the admin page, including the path prefix,
    | the controller namespace, and the default middleware. If you want to
    | access through the root path, just set the prefix to empty string.
    |
    */
    'route' => [

        'prefix' => env('ADMIN_ROUTE_PREFIX', 'admin'),

        'namespace' => 'App\\Admin\\Controllers',

        'middleware' => ['web', 'admin', 'checkIp'], // Add checkIp here
    ],

5. Trust all proxy (If you use loadbalancer)

app/Http/Middleware/TrustProxies.php
    protected $proxies = '**'; // change to allow all proxy

Refs

1
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
1
1