Access Control via Environment
Sometimes, you may wish to allow or disallow access to a web route based on the current
application environment. FEAST contains an AccessControl
attribute to allow this
level of control.
A controller may be annotated with the #[AccessControl]
attribute as follows:
<?php
class Controller extends HttpController
{
#[AccessControl(onlyEnvironments: ['dev'])]
public function allowedPathForEnvGet(
?string $name = null
): void {
echo 'Success!';
}
#[AccessControl(disabledEnvironments: ['production'])]
public function DeniedPathForProdGet(
?string $name = null
): void {
echo 'Success!';
}
}
In the example above, the first controller is only accessible in dev
. The second is accessible in every environment
except production
.
Powered by FEAST Framework
See this project at https://github.com/feastframework/documentation