fix: enforce HTTPS in production environment
Add URL::forceScheme('https') in AppServiceProvider to ensure all generated URLs use HTTPS when the application is in production. This improves security by enforcing secure connections.
This commit is contained in:
Jp
@@ -4,6 +4,7 @@ namespace App\Providers;
|
|||||||
|
|
||||||
use App\Policies\RolePolicy;
|
use App\Policies\RolePolicy;
|
||||||
use Illuminate\Support\Facades\Gate;
|
use Illuminate\Support\Facades\Gate;
|
||||||
|
use Illuminate\Support\Facades\URL;
|
||||||
use Illuminate\Support\ServiceProvider;
|
use Illuminate\Support\ServiceProvider;
|
||||||
use Spatie\Permission\Models\Role;
|
use Spatie\Permission\Models\Role;
|
||||||
|
|
||||||
@@ -22,6 +23,10 @@ class AppServiceProvider extends ServiceProvider
|
|||||||
*/
|
*/
|
||||||
public function boot(): void
|
public function boot(): void
|
||||||
{
|
{
|
||||||
|
if ($this->app->environment('production')) {
|
||||||
|
URL::forceScheme('https');
|
||||||
|
}
|
||||||
|
|
||||||
Gate::before(function ($user, $ability) {
|
Gate::before(function ($user, $ability) {
|
||||||
return $user->hasRole('super_admin') ? true : null;
|
return $user->hasRole('super_admin') ? true : null;
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user