In this short snippet tutorial, we'll see how to setup a HTTP Basic auth to protect our Laravel Horizon dashboard from unnecessary access.
Laravel Horizon
Horizon provides a beautiful dashboard and code-driven configuration for your Laravel powered Redis queues. Horizon allows you to easily monitor key metrics of your queue system such as job throughput, runtime, and job failures.
All of your worker configuration is stored in a single, simple configuration file, allowing your configuration to stay in source control where your entire team can collaborate.
Pre Requisites
- Understanding of Laravel
- Laravel Horizon installed.
- Roles & Permissions configured on your Laravel App.
Securing Horizon with Basic Auth
Let’s create a new middleware & name it HorizonHttpAuth using artisan CLI.
php artisan make:middleware HorizonHttpAuth
This middleware was extending Illuminate\Auth\Middleware\AuthenticatedWithBasicAuth and then we overwritten the handle()method.
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
class HorizonHttpAuth extends AuthenticateWithBasicAuth
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
return $this->auth->guard($guard)->basic('email') ?: $next($request);
}
}To activate the new middleware, we added new definition into app/Http/Kernel.php and gave name horizon.auth.
protected $routeMiddleware = [
'horizon.auth' => \App\Http\Middleware\HorizonAuthBasic::class,
];To make all Laravel Horizon page used the middleware, we added new config key middleware in the app/horizon.php
'middleware' => ['web', 'horizon.auth'],That’s it. Now we can see the Laravel Horizon dashboard using HTTP basic authentication.
