Notification texts go here Contact Us Buy Now!

Laravel Telescope - 403 Forbidden

Overriding Authorization for Telescope in Non-local Environments

By default, Laravel Telescope is only accessible in the local environment. To enable access in non-local environments, you'll need to modify the authorization gate defined in app/Providers/TelescopeServiceProvider.php.

Here's an example of how you can modify the gate to allow specific users to access Telescope:

/**
 * Register the Telescope gate.
 *
 * This gate determines who can access Telescope in non-local environments.
 *
 * @return void
 */
protected function gate()
{
    Gate::define('viewTelescope', function ($user) {
        return in_array($user->email, [
            // Your users
            'user@yourapp.tld',
        ]);
    });
}

You can modify the list of authorized email addresses to fit your requirements.

Alternatively, you can override the authorization() method in Laravel\Telescope\TelescopeApplicationServiceProvider and include your environment name.

/**
 * Configure the Telescope authorization services.
 *
 * @return void
 */
protected function authorization()
{
    $this->gate();

    Telescope::auth(function ($request) {
        return app()->environment(['local', 'testing']) ||
               Gate::check('viewTelescope', [$request->user()]);
    });
}

This will allow access to Telescope in both the local and testing environments.

Using Cookie-based Authentication (for API Applications)

If you're using Laravel as an API application, you can use cookie-based authentication for Telescope. Add a secretTelescope cookie secret to your application and define the authorization gate as follows:

Gate::define('viewTelescope', function (?User $user) {
    return array_key_exists('secretTelescope', $_COOKIE);
});

This will allow access to Telescope to anyone who has the secretTelescope cookie.

.env Configuration

Ensure that the TELESCOPE_ENABLED environment variable is set to true in your .env file.

TELESCOPE_ENABLED=true

Additionally, set the APP_ENV variable to local if you're not already in a local environment.

Additional Notes

  • Be cautious when granting access to Telescope in non-local environments, as this could expose sensitive information.
  • Consider using a VPN or other secure connection when accessing Telescope remotely.
  • Regularly review and update the authorized users or email addresses to ensure the security of your Telescope installation.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.