Below is my laravel 8 api route and middleware that I use
Route::group(['middleware'=>['auth:api', 'StripScript'],'prefix' => 'v1'], function(){
Route::get('/list', [ListController::class, 'list']);
});
I this I want to bypass middleware ‘auth:api’ if I get request from specific ip address so user doesn’t require to pass token and it should auto login as one specific user.
Note that I want to bypass auth and not to do ‘Ip address Whitelist’ as I do have whitelist for this I want to totally by pass for one IP address.
2
Answers
This should work:
You should also handle the references to the authed user, if there are any (e.g. auth()->user()->id will throw an error).
IMHO you should authenticate the trusted party via a token sent in header, if you have access to the api call code.
Managing these kind of exceptions in your code can quickly become cumbersome and will be challenging to understand for everyone (including you).
It’s not good idea, But any way if you want try this…
Go
app/Http/Middleware/Authenticate.php
Add && override
handle
function like below