This write-up will cover the topic of restricting user access based on IP in Laravel 10. It is possible to restrict IP addresses from accessing users using Laravel 10, and this article will provide an uncomplicated demonstration of how to block user using middleware.
In certain scenarios, it may be necessary to prevent certain IP addresses from accessing our website. This guide will demonstrate how to create middleware and block access to URLs using IP addresses. Restricting website access based on IP address can guarantee that authorized users are the only ones able to access the website or service. This is particularly advantageous for websites or services that have confidential or sensitive information or are only intended for a specific geographic location. Access control lists, firewalls, or web application firewalls are some of the tools and techniques that website owners can use to implement IP address restrictions. These methods can be configured to restrict access to the website or service from specific IP addresses or IP address ranges or alternatively, permit access solely from trustworthy IP addresses.
We will do this is steps.
Step 1. Install Laravel 10
Commence by downloading or installing the novel Laravel 10 arrangement via your terminal. Execute the subsequent directive:
composer create-project --prefer-dist laravel/laravel <Project Name>
Step 2. Connect to the Database
Proceed to the main directory of your project and locate the file named .env. In this file, configure the database credentials as shown below:
DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_DATABASE=<Database Name> DB_USERNAME=<Database Username> DB_PASSWORD=<Database Password>
Step 3. Create a Middleware
Generate a middleware called ‘BlockUserMiddleware‘ and execute the subsequent command:
php artisan make:middleware BlockUserMiddleware
Proceed to the directory named app/Http/Middleware and launch the file named BlockUserMiddleware.php. Next, insert the below code into your BlockUserMiddleware.php file:
<?php
namespace App\Http\Middleware;
use Closure;
class BlockUserMiddleware
{
// set IP addresses
public $blockIps = ['ip1', 'ip2', '127.0.0.1'];
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (in_array($request->ip(), $this->blockIps)) {
return response()->json([
'message' => "You don't have permission to access this website."
], 401);
}
return $next($request);
}
}
Step 4. Register Middleware
Proceed to the next step of middleware registration by opening the file Kernel.php located in app/Http/. Then, register the middleware as follows:
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
....
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
....
'blockUser' => \App\Http\Middleware\BlockUserMiddleware::class,
];
}
Step 5. Use Middleware
For this phase, generate a single route and illustrate how to apply middleware in the route file. To begin, launch the file named ‘web.php‘ found in the ‘routes‘ directory and modify the code below:
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\BlogController;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::middleware(['blockUser'])->group(function () {
Route::resource('blog', BlogController::class);
});
Now run your project and check.
