I have developed an application using Laravel 5.2 that uses the default authentication. I have the following in routes.php that protects all routes and have set up the "flow" so that auth/login is the only thing available, until the user is authenticated.
// Logging in and out Route::get('/auth/login', 'Auth\AuthController@getLogin'); Route::post('/auth/login', 'Auth\AuthController@postLogin');
Route::group(['middleware' => 'auth'], function() { // Only authenticated users may enter... all routes follow .......... }
I have registered to use Sucuri website protection and they require a php file to be placed in the app home directory and they try connect directly using that php file but are redirected to the auth/login .... What is a sane way to allow them to connect
Thanks for any input .... Regards Arnold
I would trust an html file to validate existence of your site with their signature but I would feel very uneasy about putting executable code from a vendor on my site unless I really understood it line-by-line. Also, ask whether it's just for initial verification or if they need you to keep that file permanently placed there. If it's just a .html file, putting it in the public folder should be no problem. I do that with SSL cert issuers all the time.
Norm
Sign in to participate in this thread!
Laravel
Laravel News
Laracasts
Laravel Podcast