Comments (40)
in my side, i found the problem was on its Authorization mechanism. so, we can replace it with our own auth mechanisme. now, mine is:
in config/telescope.php
'middleware' => [
'web',
// Authorize::class,
'admin'
],
from telescope.
Remove this from the register function
Telescope::filter(function (IncomingEntry $entry) {
if ($this->app->environment() == 'local') {
return true;
}
return $entry->isReportableException() ||
$entry->isFailedJob() ||
$entry->isScheduledTask() ||
$entry->hasMonitoredTag();
});
from telescope.
The problem appears to be the following method in TelescopeApplicationServiceProvider
:
/**
* Configure the Telescope authorization services.
*
* @return void
*/
protected function authorization()
{
$this->gate();
Telescope::auth(function ($request) {
return app()->environment('local') ||
Gate::check('viewTelescope', [$request->user()]);
});
}
I overrode this method in my TelescopeServiceProvider
and defined my own auth closure:
/**
* Configure the Telescope authorization services.
*
* @return void
*/
protected function authorization()
{
$this->gate();
Telescope::auth(function ($request) {
return app()->environment(['local', 'staging']) ||
Gate::check('viewTelescope', [$request->user()]);
});
}
This allowed me to access telescope in my staging environment. I tried changing my gate()
override and it didn't appear to work. This was the only way that I could reliably get it to work.
from telescope.
Changed the Authorize middleware by my own as following:
class Authorize
{
/**
* @param $request
* @param $next
* @return mixed
*/
public function handle($request, $next)
{
return $next($request);
}
}
It fixed the 403 Forbidden on a production server.
Used with the removal of the Telescope::filter, it fixed the whole thing for me.
from telescope.
I am not sure if it's only me or it is a bug but, i think i found the issue. The problem is it doesn't discover App\Providers\TelescopeServiceProvider::class,
So adding App\Providers\TelescopeServiceProvider::class,
in config/app.php
fixes it. Then i can set in .env
file
APP_ENV=production
and in app\Providers\TelescopeServiceProvider.php
/**
* Register the Telescope gate.
*
* This gate determines who can access Telescope in non-local environments.
*
* @return void
*/
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return in_array($user->email, [
"[email protected]",
]);
});
}
then without any issue i can reach /telescope
with the user [email protected]
logged in.
from telescope.
Guys, we'd love to help but we aren't able to reproduce this.
So, here are some guidelines/checks:
- Do you see any error logs (backend logs or console frontend errors)?
- Do you have a
Telescope::filter
orTelescope::filterBatch
call in yourApp\Providers\TelescopeServiceProvider
? If yes, does it satisfy the filter condition? The defaultTelescopeServiceProvider
stub allows all entries to be recorded in local environments but for production only allows reportable exceptions, failed jobs, scheduled tasks and monitored tag entries to be recorded. - Did your
authorization
pass through? The defaultauthorization
method in theTelescopeServiceProvider
stub always passes for local environments but does the gate check for production. - Do you have auto discovery enabled in production? If not, did you add the
Laravel\Telescope\TelescopeServiceProvider
in yourconfig/app.php
? - Did you add your
App\Providers\TelescopeServiceProvider
to yourconfig/app.php
? - Is telescope enabled in production? Check the env variable
TELESCOPE_ENABLED
if set. Defaults to true if not set.
If all of these are okay but you're still facing issues, please share a Github repo with this reproducible issue.
from telescope.
+1 I got 403 Forbidden in Production even if the Gate returns always true
from telescope.
@Braunson number 2 seems to be your issue. Your filter is setup to only record reportable exceptions, failed jobs, scheduled tasks or monitored tags in production but will record everything in local. If you remove the Telescope::filter
callback, everything should be recorded.
from telescope.
As @glendmaatita says I did a middleware exclusively for telescope
// telescope.php
'middleware' => [
'web',
TelescopeMiddleware::class,
// Authorize::class,
],
php artisan make:middleware TelescopeMiddleware
class TelescopeMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(auth()->check() && auth()->user()->email == "[email protected]"){
return $next($request);
}
abort(403);
}
}
from telescope.
Same here! It works when I use APP_ENV=local
.
I tried @DrAmen solution but It didn't worked for me.
app.php
'providers' => [
/*
* Laravel Framework Service Providers...
*/
Illuminate\Auth\AuthServiceProvider::class,
Illuminate\Broadcasting\BroadcastServiceProvider::class,
Illuminate\Bus\BusServiceProvider::class,
Illuminate\Cache\CacheServiceProvider::class,
Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class,
Illuminate\Cookie\CookieServiceProvider::class,
Illuminate\Database\DatabaseServiceProvider::class,
Illuminate\Encryption\EncryptionServiceProvider::class,
Illuminate\Filesystem\FilesystemServiceProvider::class,
Illuminate\Foundation\Providers\FoundationServiceProvider::class,
Illuminate\Hashing\HashServiceProvider::class,
Illuminate\Mail\MailServiceProvider::class,
Illuminate\Notifications\NotificationServiceProvider::class,
Illuminate\Pagination\PaginationServiceProvider::class,
Illuminate\Pipeline\PipelineServiceProvider::class,
Illuminate\Queue\QueueServiceProvider::class,
Illuminate\Redis\RedisServiceProvider::class,
Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
Illuminate\Session\SessionServiceProvider::class,
Illuminate\Translation\TranslationServiceProvider::class,
Illuminate\Validation\ValidationServiceProvider::class,
Illuminate\View\ViewServiceProvider::class,
/*
* Package Service Providers...
*/
/*
* Application Service Providers...
*/
App\Providers\AppServiceProvider::class,
App\Providers\AuthServiceProvider::class,
// App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class,
App\Providers\TelescopeServiceProvider::class,
App\Providers\RouteServiceProvider::class,
// Agregados por mí.
crocodicstudio\crudbooster\CRUDBoosterServiceProvider::class,
App\Providers\TelescopeServiceProvider::class,
],
TelescopeServiceProvider.php
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return true;
// return \CRUDBooster::isSuperadmin();
});
}
from telescope.
This issue is due to an empty or non logged user. Laravel gate receives user as the first argument if it's empty it doesn't care about internal code. If you want to use it without gate just remove gate function from TelescopeServiceProvider class and override authorization function. See the example below.
protected function authorization()
{
$this->gate();
Telescope::auth(function ($request) {
return app()->environment('local') ||
in_array($request->ip(), config('allowed_ip_addresses.telescope'));
});
}
I removed the gate define as well as gate check, so the issue is resolved.
from telescope.
excuse me I can not connect to the dashboard with a non local env
public function register()
{
// Telescope::night();
Telescope::filter(function (IncomingEntry $entry) {
return true;
return $entry->isReportableException() ||
$entry->isFailedJob() ||
$entry->isScheduledTask() ||
$entry->hasMonitoredTag();
});
}
/**
* Register the Telescope gate.
*
* This gate determines who can access Telescope in non-local environments.
*
* @return void
*/
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return true;
});
}
from telescope.
Changing telescope authorization middleware with laravel's authentication middleware worked for me. It's just a workaround.
'middleware' => [
'web',
// Authorize::class,
\App\Http\Middleware\Authenticate::class,
],
from telescope.
+1, can't connect the dashboard with production env.
from telescope.
I'm having this issue as well now, as of 13 days ago. Requests aren't being logged (among other things) in a production environment anymore.
from telescope.
If you've been following the instructions in the section "Installing Only In Specific Environments" you'll need to ensure that you update your AppServiceProvider
accordingly, e.g.
public function register()
{
if ($this->app->environment('local') || $this->app->environment('staging')) {
$this->app->register(TelescopeServiceProvider::class);
}
}
from telescope.
in my side, i found the problem was on its Authorization mechanism. so, we can replace it with our own auth mechanisme. now, mine is:
in
config/telescope.php
'middleware' => [ 'web', // Authorize::class, 'admin' ],
Thanks, i just comment 'Authorize::class'
from telescope.
Telescope's gate can run right when Auth::user()
had value.
So,if you didn't login,you could not view telescope in production.
You can rewrite Authorize::class
, like return config('telescope.enabled') ? $next($request) : abort(403);
.
from telescope.
I can solve it by rewrite authorization method
/**
* Configure the Telescope authorization services.
*
* @return void
*/
protected function authorization()
{
$this->gate();
Telescope::auth(function ($request) {
if ($request->get('_token')) {
$user = PersonalAccessToken::findToken($request->get('_token'))->tokenable;
return $user->name === 'admin';
}
return Gate::check('viewTelescope', [$request]);
});
}
from telescope.
@L3o-pold Perfect, Thanks
from telescope.
@120dev It should works, what kind of message do you have?
from telescope.
Telescope here works perfectly local, we have a 'staging' environment where we setup Telescope now like this:
Telescope::filter(function (IncomingEntry $entry) {
return true;
return $entry->isReportableException() ||
$entry->isFailedJob() ||
$entry->isScheduledTask() ||
$entry->hasMonitoredTag();
});
}
/**
* Register the Telescope gate.
*
* This gate determines who can access Telescope in non-local environments.
*
* @return void
*/
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return ends_with($user->email, "@ourcompany.com");
});
}
Locally this works fine, the viewTelescope protection works fine too in staging. We can open Telescope but there are no entries in staging, EXCEPT when we change APP_ENV=local
in the environment files of staging, but this work around is not desirable at all.
We need to distinguish our environments for monitoring errors and other relevant environment based information.
Any suggestions?
from telescope.
I just updated to Telescope 1.0 and the problem is still the same.
Gate::define('viewTelescope', function ($user) {
return true;
// return \CRUDBooster::isSuperadmin();
});
from telescope.
- No errors
- Yes see below, but it's the same as the docs, also it records everything properly on local but not on production/development environment.
- Yes I can see Telescope on all environments properly
- Yes
- Yes
<?php
namespace App\Providers;
use Laravel\Spark\Spark;
use Laravel\Telescope\EntryType;
use Laravel\Telescope\Telescope;
use Illuminate\Support\Facades\Gate;
use Laravel\Telescope\IncomingEntry;
use Laravel\Telescope\Contracts\EntriesRepository;
use Laravel\Telescope\TelescopeApplicationServiceProvider;
class TelescopeServiceProvider extends TelescopeApplicationServiceProvider
{
/**
* Register any application services.
*
* @return void
*/
public function register()
{
Telescope::night();
Telescope::filter(function (IncomingEntry $entry) {
// Are we local?
if ($this->app->environment() == 'local') {
return true;
}
return $entry->isReportableException() ||
$entry->isFailedJob() ||
$entry->isScheduledTask() ||
$entry->hasMonitoredTag();
});
}
/**
* Register the Telescope gate.
*
* This gate determines who can access Telescope in non-local environments.
*
* @return void
*/
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return Spark::developer($user->email);
});
}
}
from telescope.
@paras-malhotra Ah ok, It was weird because this previous to v0.1.8/1.0 everything recorded regardless of environment. Must have been a code change
from telescope.
-
I can't see any error in the logs. In addition, I use Sentry and no error is reported.
-
Which
authorization
method? This is my code:
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Gate;
use Laravel\Telescope\IncomingEntry;
use Laravel\Telescope\Telescope;
use Laravel\Telescope\TelescopeApplicationServiceProvider;
class TelescopeServiceProvider extends TelescopeApplicationServiceProvider
{
/**
* Register any application services.
*
* @return void
*/
public function register()
{
// Telescope::night();
Telescope::filter(function (IncomingEntry $entry) {
if ($this->app->environment('local')) {
return true;
}
return $entry->isReportableException() ||
$entry->isFailedJob() ||
$entry->isScheduledTask() ||
$entry->hasMonitoredTag();
});
}
/**
* Register the Telescope gate.
*
* This gate determines who can access Telescope in non-local environments.
*
* @return void
*/
protected function gate()
{
Gate::define('viewTelescope', function ($user) {
return true;
// return \CRUDBooster::isSuperadmin();
});
}
}
-
I haved added to app.php. Look at the comment above #76 (comment)
-
If I don't have to manually add packages to app.php, so I think It's enabled. However, I manually added to it.
'providers' => [
/*
* Laravel Framework Service Providers...
*/
Illuminate\Auth\AuthServiceProvider::class,
Illuminate\Broadcasting\BroadcastServiceProvider::class,
Illuminate\Bus\BusServiceProvider::class,
Illuminate\Cache\CacheServiceProvider::class,
Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class,
Illuminate\Cookie\CookieServiceProvider::class,
Illuminate\Database\DatabaseServiceProvider::class,
Illuminate\Encryption\EncryptionServiceProvider::class,
Illuminate\Filesystem\FilesystemServiceProvider::class,
Illuminate\Foundation\Providers\FoundationServiceProvider::class,
Illuminate\Hashing\HashServiceProvider::class,
Illuminate\Mail\MailServiceProvider::class,
Illuminate\Notifications\NotificationServiceProvider::class,
Illuminate\Pagination\PaginationServiceProvider::class,
Illuminate\Pipeline\PipelineServiceProvider::class,
Illuminate\Queue\QueueServiceProvider::class,
Illuminate\Redis\RedisServiceProvider::class,
Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
Illuminate\Session\SessionServiceProvider::class,
Illuminate\Translation\TranslationServiceProvider::class,
Illuminate\Validation\ValidationServiceProvider::class,
Illuminate\View\ViewServiceProvider::class,
/*
* Package Service Providers...
*/
/*
* Application Service Providers...
*/
App\Providers\AppServiceProvider::class,
App\Providers\AuthServiceProvider::class,
// App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class,
App\Providers\TelescopeServiceProvider::class,
App\Providers\RouteServiceProvider::class,
// Agregados por mí.
crocodicstudio\crudbooster\CRUDBoosterServiceProvider::class,
\Laravel\Telescope\TelescopeServiceProvider::class,
App\Providers\TelescopeServiceProvider::class,
],
from telescope.
If I change APP_ENV to local in the server, It shows the dashboard.
from telescope.
@EdwinDayot, if you do that, there's no security because It doesn't check for the user.
from telescope.
I'm trying this and I'm still getting 403.
public function register()
{
$this->app->register(TelescopeServiceProvider::class);
}
from telescope.
Is it possible to remove selected incoming entries from Telescope::filter()
as used in default file of TelescopeServiceProvider?
Telescope::filter(function (IncomingEntry $entry) {
return $entry->isReportableException() ||
$entry->isFailedJob() ||
$entry->isScheduledTask() ||
$entry->hasMonitoredTag();
// Allow more entries here. Redis, Mail, Events...
});
I would like to track error exceptions, dispatched events or sent mails for example.
thanks
from telescope.
Hi, is there a reason why Telescope does not register any of my browser actions? Dump, requests, sql queries, etc... do not show up on my telescope application. I've also checked my telescope entries table and there are no rows being created for my browser's actions.
from telescope.
Literally tried everything in this thread and nothing worked other than modifying TelescopeServiceProvider closure. The Gate:: facade call ALWAYS returned false no matter the logic defined in the Provider. I ended up removing it entirely and adding in my own function call for IP whitelisting. Works!
Telescope::auth(function ($request) { return app()->environment('local') || Helper::isAllowedIp($request->ip()); });
from telescope.
None of the above answers solved my problem.
from telescope.
@RuanHerculano that error is caused because your assets are not being served over https we use this in production
if (App::environment('production')) { // The environment is production URL::forceScheme('https');}
from telescope.
In config/telescope.php you can configure your own authentication with a middleware if you want to build your own thing (if your company has it's own CMS for example) or just want to only let through whitelisted ip's
from telescope.
Hello Team
With these steps you resolve the issue:
- Create a middleware class that inherits from Authenticate and in the handler function write:
public function handle($request, Closure $next, ...$guards): mixed
{
if (app()->environment('local')) {
return $next($request);
}
if (app()->environment('production') && !$request->expectsJson()) {
parent::handle($request, $next, ...$guards);
}
return abort(403);
}
- Add the middleware class in the config/telescope.php
'middleware' => [
'web',
AuthorizeTelescope::class,
],
from telescope.
Fresh install of latest Laravel and Telescope and this is still not working on non-local environments.
Latest documentation followed and nothing was customized.
Simple returning the TRUE is not working in the TelescopeServiceProvider
gate method:
protected function gate(): void
{
Gate::define('viewTelescope', function ($user) {
return true;
});
}
from telescope.
My issue was mostly that I wasn't logged in, when i logged in I could then access the user param and that worked as expected.
from telescope.
Hi guys, to all of you who come across this problem - I have been struggling with this for hours now and finally found the "solution" (aka easier fix to this instead of creating a whole new middleware etc.).
The reason for this "issue" that we all had is because Laravel has some internal check whether this callback is supported for also work with guest-visitors (aka non-logged-in users). The default is (since it comes with the provider from telescope) that it does not support these guest users!
To make it work, you need to change the code a tiny bit from
protected function gate(): void
{
Gate::define('viewTelescope', function ($user) {
return in_array($user->email, [
//
]);
});
}
to this:
protected function gate(): void
{
Gate::define('viewTelescope', function ($user = null) {
return in_array($user->email, [
//
]);
});
}
The only change is that you have to add the default value null
here to the parameter $user
in the callback-function. With this you change the evaluation for whether this gate is suitable to be taken into account or not. The check is part of the Auth
modules and the method that does this magic is canBeCalledWithUser
, if you need further insides.
The only thing you have to aware of is that the user object then is always null but you can still do things like:
protected function gate(): void
{
Gate::define('viewTelescope', function ($user = null) {
return in_array(request()->ip(), ['123.123.123.123', ...]);
});
}
from telescope.
laravel telescope is not working in my domain ip address.but all configuration is correctly.why ? i am using domain ip .
like example :http://44.193.10.70/telescope
from telescope.
Related Issues (20)
- Telescope is not logging Mails, Notifications, Logs from Booted Method and Model Hooks HOT 1
- query with an escaped question mark does not reflect correct bindings HOT 1
- Ability to delete data by data type HOT 2
- Job recorder memory leak HOT 9
- Changing table names in database HOT 1
- Redirect Back to Application Dashboard/Homepage HOT 1
- [Feature Request] Set timezone for IncomingEntry recorded_at HOT 1
- Call to undefined method Laravel\Telescope\Telescope::ignoreMigrations() HOT 1
- Migration file is being published with a new timestamp everytime HOT 2
- Also add a given response in the app
- User vistor's count like page wise display HOT 1
- When saving a model I use several primary_keys HOT 2
- Allowed memory size exhausted HOT 1
- Ability to set queue for ProcessPendingUpdates HOT 2
- Allow setting a dedicated cache store HOT 1
- Manifest.json cause 404 error if file in resources is missing HOT 2
- Add crossorigin anonymus to the mix configuration because it's not possible to use with a CDN for all the resources HOT 6
- Avatars are not being displayed in request details HOT 4
- 5.0.3 upgrade app.js SHA-384 integrity issue HOT 1
- Use configurable database table names HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from telescope.