CakePHP: Restrict DebugKit to An IP Address

I've been playing around with CakePHP and using the DebugKit Toolbar component. It's great to have while I'm developing, and sometimes in production, but I of course don't want everyone to see it, except for me.
 
I looked up how to unload components in the documentation:
which shows this example
$this->Components->unload('Cookie');
 
I applied it to the DebugKit Toolbar like so:
$this->Components->unload('DebugKit.Toolbar');
 

Restricting IP Address In A CFWheels Database Table

I also wanted to restrict it on my IP address. Since my IP address can change, I added a new field to a settings table I created for my Blog, written in CFWheels, called adminsettings. The structure looks like this:
 
 
I inserted a new name and value called debugIPAddress in my blogs database using CF Wheels conventions:
INSERT INTO `cvazquezblog`.`adminsettings` (`name`, `value`, `createdAt`)
VALUES ('debugIPAddress', '[your computer's ip address]',now());
 
 

CakePHP View to Access CFWheels Table

For CakePHP, I have a view setup, using CakePHP's conventions, like so:
DROP VIEW IF EXISTS cvazquezblogcake.admin_settings;
CREATE DEFINER = `blog_view_user`@`localhost`
    SQL SECURITY DEFINER
    VIEW cvazquezblogcake.admin_settings (`id`, name, value, deletedAt)
    AS 
	 SELECT id, name, value, deletedAt
	 FROM cvazquezblog.adminsettings
    WITH  CHECK OPTION;
 
And with the proper permissions:
GRANT SELECT ON cvazquezblogcake.admin_settings TO 'cakeUser'@'localhost';
GRANT SELECT ON cvazquezblog.adminsettings TO blog_view_user@localhost;
 

Checking the IP Address in CakePHP

Now that I have my IP address stored in the database, I figured I could add the IP address check in the file
/admin/app/Controller/AppController.php
and in the method beforeFilter()
 
Here's how the function looks:
 
 
That's it. Whenever I have a new IP address, I can update it in the table. For a future upgrade, I can allow multiple debugIPAddress records, then perform a loop for a valid one, but I really want to control only one IP address at a time.

Comments

New Comment