search

andreaselia / laravel-analytics

Analytics for the Laravel framework.
MIT License
165 stars 25 forks source link

Make the dashboard page private #50

Closed edrisranjbar closed 5 months ago

edrisranjbar commented 5 months ago

as far as I know, we do not have a choice for making that analytics endpoints part of a middle ware to limit public users get access to that. if would be great to include this setting in the config or somewhere to provide a wrapper middleware.

andreaselia commented 5 months ago

Hey @edrisranjbar 👋

You can publish the config via the command:

php artisan vendor:publish --provider="AndreasElia\Analytics\AnalyticsServiceProvider"

After publishing the config you can update the middleware array to include authentication middleware or any other kind of middleware if that's what you'd like to do.

https://github.com/andreaselia/laravel-analytics/blob/master/config/analytics.php#L14-L16

edrisranjbar commented 5 months ago

I did changed the config:

    'prefix' => 'admin/analytics',

    'middleware' => [
        'admin',
    ],

but it keeps getting redirected to main dashboard!

andreaselia commented 5 months ago

@edrisranjbar what does your middleware look like? All we do in the package is assign the middleware in the config to the routes group, so don't think there is an issue there, so I think it must be coming from your middleware. Ensure your routes aren't cached either.

edrisranjbar commented 5 months ago

The authentication middleware and configs works fine for the entire admin and user panel and public website.

    public function handle(Request $request, Closure $next): Response|RedirectResponse
    {
        if (!Auth::guard('admin')->check()) {
            return redirect()->route('admin.login');
        }

        return $next($request);
    }

the guard name is admin and here's the config:

<?php

return [

    'enabled' => env('ANALYTICS_ENABLED', true),

    /**
     * Analytics Dashboard.
     *
     * The prefix and middleware for the analytics dashboard.
     */
    'prefix' => 'analytics',

    'middleware' => [
        'admin',
    ],

    /**
     * Exclude.
     *
     * The routes excluded from page view tracking.
     */
    'exclude' => [
        '/analytics',
        '/analytics/*',
    ],

    /**
     * Determine if traffic from robots should be tracked.
     */
    'ignoreRobots' => true,

    /**
     * Ignored IP addresses.
     *
     * The IP addresses excluded from page view tracking.
     */
    'ignoredIPs' => [
        // '192.168.1.1',
    ],

    /**
     * Mask.
     *
     * Mask routes so they are tracked together.
     */
    'mask' => [
        // '/users/*',
    ],

    /**
     * Ignore methods.
     *
     * The HTTP verbs/methods that should be excluded from page view tracking.
     */
    'ignoreMethods' => [
         'OPTIONS', 'POST',
    ],

    'session' => [
        'provider' => \AndreasElia\Analytics\RequestSessionProvider::class,
    ],

];

will be appreciated if you can help here

andreaselia commented 5 months ago

Could it be a cache issue? Maybe check php artisan route:list and see what middleware is registered to each route?

cc: @tomirons

edrisranjbar commented 5 months ago

Yeah i checked but it looks fine.

andreaselia commented 5 months ago

Could you show me the route list export please?