migrate to gtea from bistbucket

public/restaurant/app/Http/Middleware/VerifyTokenOrigin.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\App;
+use Symfony\Component\HttpFoundation\Response;
+
+class VerifyTokenOrigin
+{
+    public function handle(Request $request, Closure $next): Response
+    {
+        $requestAgent = strtolower($request->header('User-Agent'));
+        // Only enforce this block in production
+        if (! App::hasDebugModeEnabled()) {
+            $blockedClients = ['postman', 'curl', 'insomnia'];
+
+            foreach ($blockedClients as $client) {
+                if (str_contains($requestAgent, $client)) {
+                    return response()->json(['message' => 'API clients are not allowed in production.'], 403);
+                }
+            }
+
+            // Optional: Only allow browsers
+            if (! str_contains($requestAgent, 'mozilla') && ! str_contains($requestAgent, 'chrome')) {
+                return response()->json(['message' => 'Requests must come from a browser in production.'], 403);
+            }
+        }
+
+        return $next($request);
+    }
+}