feat: add a viewScalar gate to add custom authorization

README.md

@@ -47,6 +47,31 @@ return [
 ]
 ```
 
+## Authorization
+
+The Scalar API reference may be accessed via the /scalar route. By default, everyone will be able to access this route. However, within your App\Providers\AppServiceProvider.php file, you can overwrite the gate definition. This authorization gate controls access to Scalar in non-local environments. You are free to modify this gate as needed to restrict access to your Horizon installation:
+
+```php
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\ServiceProvider;
+
+class AppServiceProvider extends ServiceProvider
+{
+    public function boot(): void
+    {
+        Gate::define('viewScalar', function ($user) {
+            return in_array($user->email, [
+                //
+            ]);
+        });
+    }
+}
+```
+
 ## Testing
 
 ```bash

src/Controllers/ScalarController.php

@@ -3,11 +3,16 @@
 namespace Scalar\Controllers;
 
 use Illuminate\Routing\Controller;
+use Illuminate\Support\Facades\Gate;
 
 class ScalarController extends Controller
 {
     public function __invoke()
     {
+        if (! Gate::check('viewScalar') && ! app()->environment('local')) {
+            return abort(403);
+        }
+
         return view('scalar::reference');
     }
 }

src/ScalarServiceProvider.php

@@ -2,11 +2,21 @@
 
 namespace Scalar;
 
+use Illuminate\Support\Facades\Gate;
 use Spatie\LaravelPackageTools\Package;
 use Spatie\LaravelPackageTools\PackageServiceProvider;
 
 class ScalarServiceProvider extends PackageServiceProvider
 {
+    public function boot()
+    {
+        parent::boot();
+
+        Gate::define('viewScalar', function ($user = null) {
+            return true;
+        });
+    }
+
     public function configurePackage(Package $package): void
     {
         $package