Nova Access Secret
✨ Introduction
This package provides a middleware for securing access to Nova by requiring a secret key to be provided in the URL.
🔍 How it Works
Once you've set up and configured this package, it works by preventing access to http://my-website.com/nova.
If you try to visit that link, you'll see a "404" message.
But if you add the secret key at the end of the URL like this: http://my-website.com/nova/secret, you'll be able to access the Nova login page.
This functionality is facilitated through a specific type of cookie working behind the scenes. This cookie validates whether you possess the authorization to access the Nova login page.
📦 Installation
You can install the package via Composer:
composer require dasundev/nova-access-secretOptionally, you can publish the config file using:
php artisan vendor:publish --tag="nova-access-secret-config"👩💻 Usage
After installing the package, open the .env file and add the following key with your secret key:
NOVA_ACCESS_SECRET_KEY=secretTo access Nova, append the secret key to the Nova URL like this:
https://my-website.com/nova/secret
Now, your Nova access is secured with the provided secret key.
If you want to disable the secret access, simply keep the NOVA_ACCESS_SECRET_KEY value empty or delete the key from the .env file.
🔐 Enhance Security
To enhance security, you have the option to include your own cookie class through the configuration file.
<?php
return [
/*
|--------------------------------------------------------------------------
| Access Secret Cookie
|--------------------------------------------------------------------------
|
| To use your own access secret cookie, set it here.
|
*/
'cookie' => MyAccessSecretCookie::class
];🔄 Changelog
Please see CHANGELOG for more information on what has changed recently.
🤝 Contributing
Please see CONTRIBUTING for details.
