0

I developed a laravel API and installed laravel telescope. I want to restrict telescope on prod server, but I don't know how to do it. Solution I found is with Gate, but not working. So my idea is how to restrict route only to specific people (1 or 2). Now all users have access to /telescope.

 Gate::define('viewTelescope', function ($user) {
        return in_array($user->email, [
            //emails
        ]);
    });
Brian Tompsett - 汤莱恩
  • 5,753
  • 72
  • 57
  • 129
Plamen Penchev
  • 357
  • 1
  • 5
  • 15
  • What file did you place the above `Gate` in? When you say it is not working, what do you mean? Is it not letting any users access, or is it letting all users access, or something else entirely? – James Nov 22 '19 at 11:57
  • oo yea sorry letting all users access. The Gate is inside of TelescopeServiceProvider.php – Plamen Penchev Nov 22 '19 at 12:16
  • How does your gate not work, show how you use it and define it? – mrhn Nov 22 '19 at 12:21

2 Answers2

1

Most probably you must have set the environment to local in the .env file of the server.

so just change APP_ENV=production in your server .env file

hope this helps for anyone looking for the answer.

fasriyaa
  • 41
  • 2
0

you can also limit access to telescope by user id:

in app\Providers\TelescopeServiceProvider.php

protected function gate()
{
    Gate::define('viewTelescope', function ($user) {
     return in_array($user->id, [2,10,57,128,]);
        });
}

then add this code to config/telescope.php

    'watchers' => [
.
.
.
        Watchers\GateWatcher::class => [
            'enabled' => env('TELESCOPE_GATE_WATCHER', true),
            'ignore_abilities' => [],
            'ignore_packages' => true,
        ],
.
.
.
    ],

this works just in production mode.

at the end should be noted(based on laravel docs):

You should ensure you change your APP_ENV environment variable to production in your production environment. Otherwise, your Telescope installation will be publicly available.

Hojjat
  • 158
  • 2
  • 4