Initial commit

Author: WinXaito

.gitignore

@@ -0,0 +1,3 @@
+/.idea
+/vendor
+composer.lock

LICENSE

@@ -0,0 +1,25 @@
+{
+    "name": "winxaito/laravel-https",
+    "description": "Redirects http requests to https according to the configuration",
+    "type": "library",
+    "license": "GNU GPL3",
+    "authors": [
+        {
+            "name": "WinXaito",
+            "email": "mail@winxaito.com"
+        }
+    ],
+    "require": {},
+    "autoload": {
+        "psr-4": {
+            "WinXaito\\LaravelHttpsRedirect\\": "src/"
+        }
+    },
+    "extra": {
+        "laravel": {
+            "providers": [
+                "WinXaito\\LaravelHttpsRedirect\\LaravelHttpsServiceProvider"
+            ]
+        }
+    }
+}

composer.json

@@ -0,0 +1,41 @@
+<?php
+
+/**
+ * @package WinXaito/laravel-https
+ * @author Kevin Vuilleumier <mail@winxaito.com>
+ * @copyright 2018 Kevin Vuilleumier
+ * @license https://www.gnu.org/licenses/gpl.txt GNU GPL3
+ * @link https://github.com/WinXaito/laravel-https
+ */
+
+namespace WinXaito\LaravelHttpsRedirect\Http\Middleware;
+
+use Closure;
+
+class HttpsRedirection{
+    /**
+     * Handle an incoming request.
+     *
+     * We check depending on the configuration whether or not we need
+     * to redirect the user to https (Unless already in https)
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next){
+        if(!$request->secure()) {
+            if(
+                config('https-redirection.https_force') ||
+                (!config('https-redirection.https_prohibit') &&
+                    config('https-redirection.app_env') == 'production') ||
+                (!config('https-redirection.https_prohibit') &&
+                    !config('https-redirection.app_debug'))
+            ){
+                return redirect()->secure($request->getRequestUri());
+            }
+        }
+
+        return $next($request);
+    }
+}

src/Http/Middleware/HttpsRedirection.php

@@ -0,0 +1,37 @@
+<?php
+
+/**
+ * @package WinXaito/laravel-https
+ * @author Kevin Vuilleumier <mail@winxaito.com>
+ * @copyright 2018 Kevin Vuilleumier
+ * @license https://www.gnu.org/licenses/gpl.txt GNU GPL3
+ * @link https://github.com/WinXaito/laravel-https
+ */
+
+namespace WinXaito\LaravelHttpsRedirect;
+
+use Illuminate\Support\ServiceProvider;
+
+class LaravelHttpsServiceProvider extends ServiceProvider{
+    /**
+     * Indicates if loading of the provider is deferred.
+     *
+     * @var bool
+     */
+    protected $defer = false;
+
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot(){
+        //Publishes
+        $this->publishes([
+            __DIR__.'/config/installer.php' => config_path('https-redirection.php'),
+        ], 'config');
+
+        //Middleware
+        $this->app['Illuminate\Contracts\Http\Kernel']->pushMiddleware('WinXaito\LaravelHttpsRedirect\Http\Middleware\HttpsRedirection');
+    }
+}

src/LaravelHttpsServiceProvider.php

@@ -0,0 +1,50 @@
+<?php
+
+return [
+   /*
+    |--------------------------------------------------------------------------
+    | Force https
+    |--------------------------------------------------------------------------
+    |
+    | When this value is true, https redirection will be occur in all cases
+    |
+   */
+
+   'https_force' => env('HTTPS_FORCE', false),
+
+    /*
+     |--------------------------------------------------------------------------
+     | Prohibit https
+     |--------------------------------------------------------------------------
+     |
+     | When this value is true, https redirection will never occur unless
+     | "https_force" is true
+     |
+    */
+
+    'https_prohibit' => env('HTTPS_PROHIBIT', false),
+
+    /*
+     |--------------------------------------------------------------------------
+     | Application environment
+     |--------------------------------------------------------------------------
+     |
+     | When this value is "production", the redirection will be activated
+     | unless "https_prohibit" is true
+     |
+    */
+
+    'app_env' => env('APP_ENV', 'production'),
+
+    /*
+     |--------------------------------------------------------------------------
+     | Application debug
+     |--------------------------------------------------------------------------
+     |
+     | When this value is false and "https_prohibit" is also false,
+     | redirection takes place
+     |
+    */
+
+    'app_debug' => env('APP_DEBUG', false),
+];