Allow URLs to be ignored by StageFront

Author: ivanvermeyen

config/stagefront.php

@@ -87,4 +87,13 @@
      */
     'middleware' => env('STAGEFRONT_MIDDLEWARE', 'web'),
 
+    /**
+     * The following URLs will be ignored by StageFront.
+     * Access to these URLs will never be blocked.
+     * You can use wildcards:
+     * '/route/*' (this does not include '/route')
+     *
+     * Default: []
+     */
+    'ignore_urls' => [],
 ];

src/Middleware/RedirectIfStageFrontIsEnabled.php

@@ -18,12 +18,35 @@ public function handle($request, Closure $next)
     {
         $disabled = ! config('stagefront.enabled', false);
         $unlocked = session('stagefront.unlocked', false);
-        $stageFrontUrl = trim(config('stagefront.url'), '/');
+        $stageFrontUrl = config('stagefront.url');
+        $ignoredUrls = config('stagefront.ignore_urls', []);
+        array_push($ignoredUrls, $stageFrontUrl);
 
-        if ($unlocked || $disabled || $request->is($stageFrontUrl)) {
+        if ($unlocked || $disabled || $this->urlIsIgnored($request, $ignoredUrls)) {
             return $next($request);
         }
 
         return redirect($stageFrontUrl);
     }
+
+    /**
+     * Check if a URL should be ignored.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param array $ignoredUrls
+     *
+     * @return bool
+     */
+    protected function urlIsIgnored($request, $ignoredUrls)
+    {
+        foreach ($ignoredUrls as $url) {
+            $url = trim($url, '/');
+
+            if ($request->is($url)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
 }

tests/Feature/StageFrontTest.php

@@ -26,9 +26,7 @@ public function setUp()
         // It is disabled by default so nothing is loaded by default.
         $this->url = config('stagefront.url');
 
-        Route::get('/page', function () {
-            return 'Some Page';
-        })->middleware(config('stagefront.middleware'));
+        $this->registerRoute('/page', 'Some Page');
     }
 
     /** @test */
@@ -176,6 +174,20 @@ public function you_can_limit_which_database_users_have_access()
         ])->assertRedirect($this->url)->assertSessionHasErrors('password');
     }
 
+    /** @test */
+    public function urls_can_be_ignored_so_access_is_not_denied_by_stagefront()
+    {
+        $this->registerRoute('/public', 'Public');
+        $this->registerRoute('/public/route', 'Route');
+
+        config()->set('stagefront.ignore_urls', ['/public/*']);
+
+        $this->enableStageFront();
+
+        $this->get('/public')->assertRedirect($this->url);
+        $this->get('/public/route')->assertStatus(200)->assertSee('Route');
+    }
+
     /**
      * Tell Laravel we navigated to this intended URL and
      * got redirected to the login page so that
@@ -227,4 +239,17 @@ protected function enableStageFront()
             RedirectIfStageFrontIsEnabled::class
         );
     }
+
+    /**
+     * Register a test route.
+     *
+     * @param string $url
+     * @param string $text
+     */
+    protected function registerRoute($url, $text)
+    {
+        Route::get($url, function () use ($text) {
+            return $text;
+        })->middleware(config('stagefront.middleware'));
+    }
 }