Overriding Authorization for Telescope in Non-local Environments
By default, Laravel Telescope is only accessible in the local
environment. To enable access in non-local environments, you'll need to modify the authorization gate defined in app/Providers/TelescopeServiceProvider.php
.
Here's an example of how you can modify the gate to allow specific users to access Telescope:
/**
* Register the Telescope gate.
*
* This gate determines who can access Telescope in non-local environments.
*
* @return void
*/
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return in_array($user->email, [
// Your users
'user@yourapp.tld',
]);
});
}
You can modify the list of authorized email addresses to fit your requirements.
Alternatively, you can override the authorization()
method in Laravel\Telescope\TelescopeApplicationServiceProvider
and include your environment name.
/**
* Configure the Telescope authorization services.
*
* @return void
*/
protected function authorization()
{
$this->gate();
Telescope::auth(function ($request) {
return app()->environment(['local', 'testing']) ||
Gate::check('viewTelescope', [$request->user()]);
});
}
This will allow access to Telescope in both the local
and testing
environments.
Using Cookie-based Authentication (for API Applications)
If you're using Laravel as an API application, you can use cookie-based authentication for Telescope. Add a secretTelescope
cookie secret to your application and define the authorization gate as follows:
Gate::define('viewTelescope', function (?User $user) {
return array_key_exists('secretTelescope', $_COOKIE);
});
This will allow access to Telescope to anyone who has the secretTelescope
cookie.
.env Configuration
Ensure that the TELESCOPE_ENABLED
environment variable is set to true
in your .env
file.
TELESCOPE_ENABLED=true
Additionally, set the APP_ENV
variable to local
if you're not already in a local environment.
Additional Notes
- Be cautious when granting access to Telescope in non-local environments, as this could expose sensitive information.
- Consider using a VPN or other secure connection when accessing Telescope remotely.
- Regularly review and update the authorized users or email addresses to ensure the security of your Telescope installation.