Downloads
Stars
Version
This package provides a middleware for securing access to Nova by requiring a secret key to be provided in the URL.
Once you've set up and configured this package, it works by preventing access to http://my-website.com/nova
.
If you try to visit that link, you'll see a "404" message.
But if you add the secret key at the end of the URL like this: http://my-website.com/nova/secret
, you'll be able to access the Nova login page.
This functionality is facilitated through a specific type of cookie working behind the scenes. This cookie validates whether you possess the authorization to access the Nova login page.
You can install the package via Composer:
composer require dasundev/nova-access-secret
Optionally, you can publish the config file using:
php artisan vendor:publish --tag="nova-access-secret-config"
After installing the package, open the .env file and add the following key with your secret key:
NOVA_ACCESS_SECRET_KEY=secret
To access Nova, append the secret key to the Nova URL like this:
https://my-website.com/nova/secret
Now, your Nova access is secured with the provided secret key.
If you want to disable the secret access, simply keep the NOVA_ACCESS_SECRET_KEY value empty or delete the key from the .env file.
To enhance security, you have the option to include your own cookie class through the configuration file.
<?php
return [
/*
|--------------------------------------------------------------------------
| Access Secret Cookie
|--------------------------------------------------------------------------
|
| To use your own access secret cookie, set it here.
|
*/
'cookie' => MyAccessSecretCookie::class
];
Please see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.