f139a3f608
All checks were successful
Deploy api / deploy (push) Successful in 22s
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
45 lines
1.1 KiB
PHP
45 lines
1.1 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
|
|
/**
|
|
* Wellnet Callback用IP制限ミドルウェア
|
|
*/
|
|
class WellnetIpWhitelist
|
|
{
|
|
/**
|
|
* IPアドレス制限処理
|
|
*
|
|
* @param Request $request
|
|
* @param Closure $next
|
|
* @return Response
|
|
*/
|
|
public function handle(Request $request, Closure $next): Response
|
|
{
|
|
$allowedIps = config('wellnet.callback.allowed_ips', []);
|
|
|
|
// 白名単が空の場合は開発のみスキップ、商用は拒否
|
|
if (empty($allowedIps)) {
|
|
if (app()->environment('production')) {
|
|
return response('800', 200)
|
|
->header('Content-Type', 'text/plain');
|
|
}
|
|
return $next($request);
|
|
}
|
|
|
|
$clientIp = $request->ip();
|
|
|
|
if (!in_array($clientIp, $allowedIps, true)) {
|
|
// Wellnet Callback仕様: 異常時もHTTP 200 + 固定コードで応答
|
|
return response('800', 200)
|
|
->header('Content-Type', 'text/plain');
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|