File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ <?php
2+
3+ namespace App \Console \Commands ;
4+
5+ use Carbon \Carbon ;
6+ use Illuminate \Console \Command ;
7+ use Illuminate \Support \Facades \File ;
8+
9+ class CleanAdminSecurityLogs extends Command
10+ {
11+ protected $ signature = 'logs:clean-admin-security {--days=14 : Number of days to keep} ' ;
12+
13+ protected $ description = 'Clean old admin security logs ' ;
14+
15+ public function handle ()
16+ {
17+ $ days = $ this ->option ('days ' );
18+ $ path = storage_path ('logs ' );
19+ $ cutoffDate = Carbon::now ()->subDays ($ days );
20+
21+ $ deleted = 0 ;
22+
23+ foreach (File::glob ("{$ path }/admin-security-*.log " ) as $ file ) {
24+ $ fileDate = Carbon::createFromTimestamp (File::lastModified ($ file ));
25+
26+ if ($ fileDate ->lt ($ cutoffDate )) {
27+ File::delete ($ file );
28+ $ deleted ++;
29+ $ this ->info ('Deleted: ' .basename ($ file ));
30+ }
31+ }
32+
33+ $ this ->info ("Cleaned {$ deleted } old admin security log file(s) " );
34+
35+ return Command::SUCCESS ;
36+ }
37+ }
Original file line number Diff line number Diff line change 44
55use Closure ;
66use Illuminate \Http \Request ;
7+ use Illuminate \Support \Facades \Log ;
78use Symfony \Component \HttpFoundation \Response ;
89
910class AdminOnlyAccess
@@ -16,11 +17,20 @@ class AdminOnlyAccess
1617 public function handle (Request $ request , Closure $ next ): Response
1718 {
1819 if (! $ request ->user ()) {
19- return redirect ( ' / ' );
20+ abort ( 401 , ' Unauthenticated ' );
2021 }
2122
22- if (! $ request ->user ()->is_admin ) {
23- return redirect ('/ ' );
23+ if ($ request ->user ()->is_admin !== true ) {
24+ Log::channel ('admin_security ' )->warning ('Unauthorized admin access attempt ' , [
25+ 'user_id ' => $ request ->user ()->id ,
26+ 'ip ' => $ request ->ip (),
27+ 'user_agent ' => $ request ->userAgent (),
28+ 'route ' => $ request ->path (),
29+ 'method ' => $ request ->method (),
30+ 'timestamp ' => now ()->toIso8601String (),
31+ ]);
32+
33+ abort (403 , 'Unauthorized ' );
2434 }
2535
2636 return $ next ($ request );
Original file line number Diff line number Diff line change 129129 'path ' => storage_path ('logs/laravel.log ' ),
130130 ],
131131
132+ 'admin_security ' => [
133+ 'driver ' => 'daily ' ,
134+ 'path ' => storage_path ('logs/admin-security.log ' ),
135+ 'level ' => env ('LOG_LEVEL ' , 'debug ' ),
136+ 'days ' => 14 ,
137+ 'permission ' => 0664 ,
138+ ],
139+
132140 ],
133141
134142];
Original file line number Diff line number Diff line change 1414Schedule::command ('version:check --force ' )->twiceDaily (9 , 17 )->withoutOverlapping ()->runInBackground ()->onOneServer ();
1515Schedule::command ('videos:retry-failed ' )->everyThirtyMinutes ()->onOneServer ();
1616Schedule::command ('app:instance-stats-collector-command ' )->hourlyAt (20 )->onOneServer ();
17+ Schedule::command ('logs:clean-admin-security --days=14 ' )->dailyAt ('03:00 ' )->onOneServer ();
1718
1819if (config ('loops.admin_dashboard.autoUpdate ' )) {
1920 Schedule::command ('admin:refresh-dashboard-30d ' )->everyThirtyMinutes ()->onOneServer ();
You can’t perform that action at this time.
0 commit comments