├── .gitignore
├── config
    └── config.php
├── composer.json
├── README.md
└── src
    ├── HttpsEnforcementServiceProvider.php
    └── HttpsEnforcementAgency.php


/.gitignore:
--------------------------------------------------------------------------------
1 | /vendor
2 | composer.phar
3 | composer.lock
4 | .DS_Store
5 | 


--------------------------------------------------------------------------------
/config/config.php:
--------------------------------------------------------------------------------
 1 | <?php return [
 2 | 
 3 |     /*
 4 |     |--------------------------------------------------------------------------
 5 |     | Whether or not to force requests to the https version of your app.
 6 |     |--------------------------------------------------------------------------
 7 |     */
 8 | 
 9 |     'enforce_https' => env('ENFORCE_HTTPS', false),
10 | 
11 |     /*
12 |     |--------------------------------------------------------------------------
13 |     | A list of URIs to exclude from enforcement, if they pass Request::is()
14 |     |--------------------------------------------------------------------------
15 |     */
16 | 
17 |    'except' => []
18 | 
19 | ];
20 | 


--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "name": "owenmelbz/https-enforcement",
 3 |     "description": "Laravel 5.x middleware to enforce https redirection for your app.",
 4 |     "keywords": ["laravel", "https", "redirect", "force", "enforce"],
 5 |     "license": "MIT",
 6 |     "authors": [
 7 |         {
 8 |             "name": "Owen Melbourne",
 9 |             "email": "owenmelbz@gmail.com"
10 |         }
11 |     ],
12 |     "require": {
13 |         "illuminate/support": "5.*"
14 |     },
15 |     "autoload": {
16 |         "psr-4": {
17 |             "OwenMelbz\\HttpsEnforcement\\": "src/"
18 |         }
19 |     },
20 |     "extra": {
21 |         "laravel": {
22 |             "providers": [
23 |                 "OwenMelbz\\HttpsEnforcement\\HttpsEnforcementServiceProvider"
24 |             ]
25 |         }
26 |     }
27 | }
28 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Laravel 5 HTTPS Enforcement Agent
 2 | 
 3 | An automatic piece of middleware for Laravel 5.x, which will redirect users accessing non https urls, to the secure equivalent unless specified in the ignore list
 4 | 
 5 | 
 6 | ## Usage
 7 | 
 8 | 1- Install via composer `composer require owenmelbz/https-enforcement`
 9 | 
10 | 2- Register the service provider - typically done inside the `app.php` providers array e.g `OwenMelbz\HttpsEnforcement\HttpsEnforcementServiceProvider::class`
11 | 
12 | 3- Add `ENFORCE_HTTPS=true` to your application environment config e.g `.env`
13 | 
14 | 4- Enjoy your stress free architecture agnostic redirects
15 | 
16 | 
17 | ## Why?
18 | 
19 | Too often we've wasted time configuring SSL redirection, with proxy systems like CloudFlare, with apache development machines and nginx production, this removes all the headache and can simply be turned off and on at a whim.
20 | 


--------------------------------------------------------------------------------
/src/HttpsEnforcementServiceProvider.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace OwenMelbz\HttpsEnforcement;
 4 | 
 5 | use Illuminate\Support\ServiceProvider;
 6 | 
 7 | /**
 8 |  * Service provider for HttpsEnforcement
 9 |  *
10 |  * @author: Owen Melbourne
11 |  */
12 | class HttpsEnforcementServiceProvider extends ServiceProvider {
13 | 
14 |     /**
15 |      * This will be used to register config & view
16 |      */
17 |     protected $packageName = 'https_enforcement';
18 | 
19 |     /**
20 |      * Bootstrap the application services.
21 |      *
22 |      * @return void
23 |      */
24 |     public function boot()
25 |     {
26 |         // Publish the config
27 |         $this->publishes([
28 |             __DIR__.'/../config/config.php' => config_path($this->packageName.'.php'),
29 |         ], 'config');
30 | 
31 |         if (config('https_enforcement.enforce_https') === true) {
32 | 
33 |             HttpsEnforcementAgency::setExceptions(
34 |                 config('https_enforcement.except')
35 |             );
36 | 
37 |             $this->app->make('Illuminate\Contracts\Http\Kernel')->prependMiddleware(
38 |                 HttpsEnforcementAgency::class
39 |             );
40 |         }
41 |     }
42 | 
43 |     /**
44 |      * Register the application services.
45 |      *
46 |      * @return void
47 |      */
48 |     public function register()
49 |     {
50 |         $this->mergeConfigFrom( __DIR__.'/../config/config.php', $this->packageName);
51 |     }
52 | 
53 | }
54 | 


--------------------------------------------------------------------------------
/src/HttpsEnforcementAgency.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | namespace OwenMelbz\HttpsEnforcement;
 4 | 
 5 | use Closure;
 6 | 
 7 | class HttpsEnforcementAgency {
 8 | 
 9 |     private static $except = [];
10 | 
11 |     /**
12 |      * Handle an incoming request.
13 |      *
14 |      * @param  \Illuminate\Http\Request  $request
15 |      * @param  \Closure  $next
16 |      * @return mixed
17 |      */
18 |     public function handle($request, Closure $next)
19 |     {
20 |         if (config('https_enforcement.enforce_https') === true) {
21 |             if (!$request->secure() && !$this->inExceptArray($request)) {
22 |                 return redirect()->secure($request->getRequestUri());
23 |             }
24 |         }
25 | 
26 |         return $next($request);
27 |     }
28 | 
29 |     /**
30 |      * Determine if the request URI matches a configured exception.
31 |      *
32 |      * @param  \Illuminate\Http\Request  $request
33 |      * @return bool
34 |      */
35 |     protected function inExceptArray($request)
36 |     {
37 |         foreach (self::getExceptions() as $except) {
38 |             if ($except !== '/') {
39 |                 $except = trim($except, '/');
40 |             }
41 | 
42 |             if ($request->is($except)) {
43 |                 return true;
44 |             }
45 |         }
46 | 
47 |         return false;
48 |     }
49 | 
50 |     public static function setExceptions($except = [])
51 |     {
52 |         self::$except = $except;
53 |     }
54 | 
55 |     public static function getExceptions()
56 |     {
57 |         return self::$except;
58 |     }
59 | }
60 | 


--------------------------------------------------------------------------------