PhiloNL / philo-dev-comments

0 stars 0 forks source link

manage-your-laravel-horizon-instances-with-observer/ #5

Open utterances-bot opened 3 years ago

utterances-bot commented 3 years ago

Manage your Laravel Horizon instances with Observer

All your favorite Laravel Horizon features are packed into a single desktop application. A must-have for every Laravel developer.

https://philo.dev/manage-your-laravel-horizon-instances-with-observer/

modernben commented 3 years ago

Love it so far! Was able to get it working with the web middleware to keep the in browser functionality alive in case I'm not in front of the computer. Awesome tool!

proclame commented 3 years ago

Same as @modernben, disabling the web version is not really an option.

For the Tags & Retry options: I could circumvent the 419 error by adding 'horizon/*' to the VerifyCsrfToken middleware except array, but was still getting a 403 after that. Tried going to api middleware to test if it helps, but had the same result. Didn't look much further yet what it is running into; maybe the token isn't coming along in POST requests (just a guess tbh) ?

Loving the convenience of it though!

PhiloNL commented 3 years ago

@modernben @proclame thanks for the feedback 🙌🏻 adding the exception to the VerifyCsrfToken middleware works perfectly while the web version also still works.

I've updated the article and pushed an update (v1.0.6), if you have the app active it will notify you after about 5 minutes about the new update, otherwise you can click 'Check for updates' from the main menu.

If you get the CORS error, click 'Clear cache and restart' from the main menu and try again. Let me know if that works 😄

proclame commented 3 years ago

Yes, tags & retrying of jobs now works as expected. Awesome! :-)

lokesh-zersys commented 3 years ago

I was getting 403.

My gate() in HorizonServiceProvider was as below

Gate::define('viewHorizon', function ($user) { if (empty($user)) { return request()->bearerToken() === config('services.horizon.secret'); } else { return in_array($user->email, [ ]); } });

Changed the following line Gate::define('viewHorizon', function ($user = null) {

It started working.

flatcapco commented 2 years ago

Hey just bought this so a few notes:

1, It'd be nice if no key was asked for the local env and if tags were dropdown-able plus free text.

2, cors didn't come as standard with my laravel version it might be because I installed at 7 and upgraded to 8.. so I had to download the fruitcake/cors package (is this right?)

3, The wording for the authorisation key seems misleading - shouldn't it be named horizon_secret like the config suggests?

4, Even with the steps followed I can't get mine working locally on Valet when I can access the horizon dashboard just fine and the error says "the server said ."

Hope this helps

PhiloNL commented 2 years ago

Hi @latwelve, Thanks for your feedback 😄

  1. In your local environment you can leave the key field empty. Laravel does not require any authentication locally.
  2. If you use Laravel 7 you can indeed use the fruitcake/cors package, I think this works with Laravel 7 so it isn't required to upgrade to Laravel 8. Alternatively, you can set the CORS headers on server level, like your Apache or Nginx config.
  3. That makes sense, I'll update the naming.
  4. If you don't get any response it means it has to do with the CORS headers (I'm improving the error message on this). You can verify the CORS settings by running the following command from your terminal:
curl -H "Access-Control-Request-Method: GET" -H "Origin: http://localhost" --head <HORIZON-URL>/api/jobs/failed

This should return something like:

HTTP/1.1 200 OK
Server: nginx/1.19.10
Content-Type: application/json
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8
Cache-Control: no-cache, private
Access-Control-Allow-Origin: *

If you don't see Access-Control-Allow-Origin: in your response headers it means the CORS settings are not applied. Would you mind checking if this is the case?

Thanks!

flatcapco commented 2 years ago

Thanks @PhiloNL - I'll try now :) It's actually a L8 project its just that the project started back in L7 which is why the assumption of having a cors config file was surprising - if that helps your docs! I did install the fruitcake package but maybe I don't need to and just adding the config cors file is enough?

Thanks again

Edit:

HTTP/2 200 server: nginx/1.21.1 content-type: application/json vary: Accept-Encoding x-powered-by: PHP/8.0.13 cache-control: no-cache, private date: Fri, 07 Jan 2022 10:36:44 GMT x-frame-options: SAME ORIGIN access-control-allow-origin: https://booking.XXX.test vary: Origin

It seems its locked to the origin of my own local url

Update:

cors config:

I had:

'allowed_origins' => ['*.XXX.co.uk','*.XXX.fr','*.XXX.test'],

I updated to * for the test and it works.

However is there not a way to lock this down a bit more?

Thanks

PhiloNL commented 2 years ago

@latwelve great to hear it now works. You can lock it down a bit more and update the allowed_origins by replacing * with 'app://.':

'allowed_origins' => ['app://.', *.XXX.co.uk','*.XXX.fr','*.XXX.test'],
flatcapco commented 2 years ago

Perfect - cheers thats great. just checked fruitcake package is needed for me even though im on l8 so possibly worth a nod to that in the docs too if coming from a project that started pre l8

Many thanks again - thats me out :) cheers

stahlit commented 2 years ago

Hello, I just started to use this application and must say I like it.

However something that could be good to implement in the example (which some might not think of) is that if you don't enter a HORIZON_SECRET in your .env the horizon becomes open for all to access.

So if you would push this code and be abit slow / forget to update .env with any credentials it's basicly open to public.

I added this kind of snippet myself to avoid this in the HorizonServiceProvider.php

Gate::define('viewHorizon', function ($user = null) { if (empty($user)) { if(!empty(config('services.horizon.secret')) || strlen(config('services.horizon.secret')) >= 10) { return request()->bearerToken() === config('services.horizon.secret'); } else { abort(403); } } else { return in_array($user->email, [ // your email ]); } });

HelloChrisBrown commented 2 years ago

Feature request. I have some instances where the horizon url is not exposed. Would it be possible to just add the redis url with user/pass?