pixelfed/app/Providers/AuthServiceProvider.php

58 lines
1.9 KiB
PHP

<?php
namespace App\Providers;
use Gate;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Laravel\Passport\Passport;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
// 'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
if(config('pixelfed.oauth_enabled') == true) {
Passport::ignoreRoutes();
Passport::tokensExpireIn(now()->addDays(config('instance.oauth.token_expiration', 356)));
Passport::refreshTokensExpireIn(now()->addDays(config('instance.oauth.refresh_expiration', 400)));
Passport::enableImplicitGrant();
if (config('instance.oauth.pat.enabled')) {
Passport::personalAccessClientId(config('instance.oauth.pat.id'));
}
Passport::tokensCan([
'read' => 'Full read access to your account',
'write' => 'Full write access to your account',
'follow' => 'Ability to follow other profiles',
'admin:read' => 'Read all data on the server',
'admin:read:domain_blocks' => 'Read sensitive information of all domain blocks',
'admin:write' => 'Modify all data on the server',
'admin:write:domain_blocks' => 'Perform moderation actions on domain blocks',
'push' => 'Receive your push notifications'
]);
Passport::setDefaultScope([
'read',
'write',
'follow',
]);
}
// Gate::define('viewWebSocketsDashboard', function ($user = null) {
// return $user->is_admin;
// });
}
}