I made webpage with Laravel which next I put on private server. After doing that I found out that my links to named routes aren't working.
After online research and talking with server administrator I learned that route() helper in Laravel is using request domain to build links, and that this server will always give me IP address instead of domain and that it is impossible on this server to access anything via IP address, it needs to be via domain.
Because of need to quick dealing with the problem I temporary made custom helper that using route() inside of it and changing IP address in result to app domain (taken from config). It works fine but I can't use third party libraries thanks to that. And I don't like it.
I tought about using middleware on whole app to change that IP address in request on domain but I have no idea (And I couldnt find it in Google) how to do that so route() helper would read it properly. Can you give me any ideas about that?
Thanks in advance.
You can do this little hack if your APP_URL env variable is not working for whatever reason. In your AppServiceProvider boot function add the following:
$this->app->resolving(UrlGenerator::class, function (UrlGenerator $generator) {
$generator->forceRootUrl(env('APP_URL'));
});
This should force a new root url when resolving the url generator.
Related
I am trying to implement a basic image fetch system for my website. Already created a route that returns me the image.
what concerns me is that i want that route to be only accessible by certain controllers.
Tried to search it and found out passport might be viable option but it's pretty complex for this app. Are there any possible options ?
EDIT:
Sorry for providing insufficient information. I want the route to be accessible only by CONTROLLERS, not by anyone who enters the route url to address bar. Like using it as an api maybe.
There several ways to achieve that, you can use middleware, you can consider using packages like entrust which also require you to have some knowledge about using middleware. or use laravel Auth
create a table add all the routes in that table and then check the allowed route in AppService provider.
$routename = Request::route()->getName();
$allowed_route = AllowedRoutes::where("route","=",$routename)->count();
if($allowed_route == 0)
exit();
I am quite new with codeigniter and ion-auth2 package for authentications. right now I have my codeigniter and the ion-auth package, both are merged,database has set upped and looks to have no error. I can access my index.php and default page with no error, but when I want to go to my ion-auth route using it's route like this:
localhost:81/code/index.php/auth
after i press enter.it redirects me to a route like this:
[::1]/code/index.php/auth/login
My problem is why I am getting the IPv6 format after accessing the auth controller.
The page looks like:
that's just your localhost ip, when you deploy your project online it will be something like a ipv4 address, don't worry about it. It's okay and will impact no harm to your project :)
You could update your Apache/Nguni settings to respond to this as well but the easiest solution is probably to set your base_url in your codeigniter config file you “local host” or whatever you’re using for the v4.
Im not sure if my question is valid, I have a laravel app, by default I can access it using http protocol,
but due to security reasons, I was instructed to use https instead,
So I was planning to configure my apache and use the default-ssl.conf,
but before I do that, I want to know if changing it to https will it affect my routes?
No, it will not affect your routes.
To make all helpers like route(), url(), action() etc generate HTTPS links change http to https in the .env file:
APP_URL=https://some.app
It MAY affect your routes !
If you are using cloudflare for your ssl certificate, Laravel will not recognise it as a secure url, You will have to specify in your code that you want a secure url
for example for your assets, you may have to use
secure_asset('img/photo.jpg')
Normal SSH and Cpanel
If you are using normal ssh provided by server providers then do not worry,
You just need to change in your environment file.
which is placed in project_root/.env where you can change your APP_URL from http:// to https://
Also you can directly change in config/app.php in 'url' parameter.
cloudflare
Answer of Mathieu Ferre is correct
if you want to use mixed routes in your application you can use some laravel built-in helper methods.
use secure_asset() and url('url',params, true) the last param in url() is for securing route.
EDIT 1
there is also another function secure_url for securing url. If your application is using mixed routes.
Hope this helps.
Thanks
I am facing token mismatch issue in new server while working fine in localhost. I have tried every possible way to clear cache and give SESSION_DOMAIN path in env but all seems useless.
Also session cookies are not being created in web browser while creating in storage/framework/session folder.
Please help me !
Are you getting tokenMismatchException exception?
If yes, some of the possible reasons are:
Check your files for PHP end tag "?>", if exists remove it. For more detail refer to this link.
You may need to use web middleware. For more detail refer to this link (although it is about laravel 5.2 but, it may work for your situation too).
Another thing to try is checking for web middleware presence. Normally it should be automatically applied to routes/web.php
Route::group(['middleware' => ['web']], function () {
<routes>
});
Also check out https://laravel.com/docs/5.3/upgrade to see if you have any code that might have been influenced by this update.
And lastly, it would be nice if you could post a piece of code which is responsible for sessions in your app.
Hey folks, working on a CI app that provides public ad well as private (secure) access. I have not implemented SSL before but i understand that part of the setup is specifying which folders should be accessed using https.
I would like some advice with regards to how i should structure my folders to facilitate that.
Does the setup only affect the controllers folder? in other words should I split my app controllers between a public and secure subfolders under the standard CI controllers folder?
Do I need to do do anything to my views and models folders? anything else I should be paying attention to?
Your help would be appreciated.
thanks
OK the best way to split things up the way you want, would be to:
Set up your CodeIgniter app under a folder, say /var/www and ensure everything is working as you want.
Set the base url for the site under the config.php of CodeIgniter to just "/".
Create an Apache virtual host for the secure portion of the site, listening to requests on port 443 or whatever. Install your certificate and so on. http://www.namecheap.com are good for certs. Set up the web root as the CodeIgniter folder, e.g. /var/www.
Create a further Apache virtual host, pointing to the same directory e.g. /var/www for the unsecure version of the website.
You will now, all being well, at this stage be able to access the entire site using either https or standard http. I think you mentioned being able to take things a step further by only allowing access to certain controllers via HTTPS and certain unsecure. What I would do for this is the following.
Create a CodeIgniter library, call it say Ssl.php, under your application/libraries folder. Put in the following code:
class Ssl {
public function require()
{
// Is the current request method secure, via SSL?
if ( ! isset($_SERVER['https']) )
{
// No. Do something here, display an error, redirect... up to you
show_error("This resource must be accessed through an SSL encrypted connection.");
}
}
}
Now, in your application controllers, simply load the library the usual way $this->load->library('ssl') and for any controller method that you wish to require an SSL connection for, simply call the $this->ssl->require() method before any execution starts.
You could even go a step further and drop that method call to require() in a class controller __construct() function, or even an entire new controller that you may wish to extend from.
I hope this helps in some way.
Hey, I am in the middle of developing a CI app that is successfully running with HTTPS/SSL.
I think you are a bit confused. As far as I know, you can only set up an SSL enabled site per se by creating a new site or "virtual host" if you are using Apache for example.
So essentially if you were using Apache, you would create a virtual host to handle requests on port 443 for say https://example.com and then set the web root to say /var/www or wherever your CI app sits. You would also have to configure Apache to use your certificate file, once you have bought the cert and downloaded the bits and bobs after generating the cert request. It's easier than it sounds.
Is there any reason why you can't just have your entire app running through SSL? Rather than an encrypted and non-encrypted section? There is a small CPU overhead for SSL but it is minimal.
I hope this helps in one way or another.
EDIT IN RESPONSE TO COMMENT:
You're welcome. It's a minimal overhead. For the hassle, I would just simple put it all under an SSL vhost. Plus, if you were to split content between SSL/non-SSL, you may notice that if you include non-SSL based content on an SSL page, users will get a pesky message in their browser about "insecure content" etc, which may put them off and create some needless doubt.
It may be quite difficult to split as you want - as you would need seperate root index.php CI files for each vhost to allow CI to route it correctly. You couldn't just set a vhost serving a directory such as application/controllers/private/ because CodeIgniter wouldn't know how to handle the request without some severe modification to it's core routing.
I would honestly just stick everything under an SSL vhost. Or, another option would be to set up two CI apps running from the same system/core CI folder... if that makes sense, but then sharing content such as libraries and models will become tedious.