Level 102
Password protected?
https://ubiq.co/tech-blog/how-to-password-protect-directory-in-nginx/
Nov 24, 2021
6
Level 54
protecting a directory of static files
I'm looking at an appropriate way to protect a directory within our laravel application.
The files are currently being generated by scribe, and outputs a directory full of html and css files into public/docs/
What I'd like to do is to protect that route so that it can only be accessed if config('app.env') !='live'
Can someone point me to the best way to deal with this. I would suspect I'd be better to render the directory outside of the public directory and then add a route with a config check to allow me to render the directory?
Level 54
@Sinnbeck I don't really want to password protect it as that involves managing and distributing the password. Our Staging and QA sites are only accessible via our vpn, so that should provide security without the need for password.
Level 102
@automica can't you just set the directory to deny all on the production server? Or allow specific ips in the same way
location /docs { deny all; }
Level 54
@Sinnbeck the simplest ways are always the best :P
Level 102
@automica yeah. Directory stuff = nginx
Level 31
Sorry to reply to this old post but I'm on the same mission to find password protection, and I don't want to resort to NGinx directory protection.
The Scribe documentation states:
laravel will generate the documentation as a Blade view within the resources/views/scribe folder, so you can add routing and authentication.
Perhaps there is another way using something more built-in to Laravel as opposed to built-in to NGinx?
EDIT:
Nevermind, I see you can remove the default route in config/scribe.php:
'add_routes' => false,
Then you can do it the Laravel way instead.
Please or to participate in this conversation.