Ich habe den Super‑Admin sauber auf einen eigenen Guard + eigenes Session‑Cookie umgestellt, damit Filament‑Login nicht mehr mit dem Frontend/Event‑Admin geteilt wird.

app/Http/Middleware/UseSuperAdminSession.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class UseSuperAdminSession
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        config(['session.cookie' => 'super_admin_session']);
+
+        return $next($request);
+    }
+}

app/Providers/Filament/SuperAdminPanelProvider.php

@@ -11,6 +11,7 @@ use App\Filament\Widgets\PlatformStatsWidget;
 use App\Filament\Widgets\RevenueTrendWidget;
 use App\Filament\Widgets\TopTenantsByRevenue;
 use App\Filament\Widgets\TopTenantsByUploads;
+use App\Http\Middleware\UseSuperAdminSession;
 use Boquizo\FilamentLogViewer\FilamentLogViewerPlugin;
 use Filament\Http\Middleware\Authenticate;
 use Filament\Http\Middleware\DisableBladeIconComponents;
@@ -18,8 +19,8 @@ use Filament\Http\Middleware\DispatchServingFilamentEvent;
 use Filament\Pages;
 use Filament\Panel;
 use Filament\PanelProvider;
-use Filament\Support\Icons\Heroicon;
 use Filament\Support\Colors\Color;
+use Filament\Support\Icons\Heroicon;
 use Filament\Widgets;
 use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
 use Illuminate\Cookie\Middleware\EncryptCookies;
@@ -72,6 +73,7 @@ class SuperAdminPanelProvider extends PanelProvider
             ])
             ->middleware([
                 EncryptCookies::class,
+                UseSuperAdminSession::class,
                 AddQueuedCookiesToResponse::class,
                 StartSession::class,
                 AuthenticateSession::class,
@@ -100,7 +102,7 @@ class SuperAdminPanelProvider extends PanelProvider
                 Pages\Dashboard::class,
                 \App\Filament\SuperAdmin\Pages\WatermarkSettingsPage::class,
             ])
-            ->authGuard('web');
+            ->authGuard('super_admin');
 
         // SuperAdmin-Zugriff durch custom Middleware, globale Sichtbarkeit ohne Tenant-Isolation
         // Blog-Resources werden durch das Plugin-ServiceProvider automatisch registriert

config/auth.php

@@ -40,6 +40,10 @@ return [
             'driver' => 'session',
             'provider' => 'users',
         ],
+        'super_admin' => [
+            'driver' => 'session',
+            'provider' => 'users',
+        ],
         'api' => [
             'driver' => 'sanctum',
             'provider' => 'users',

tests/Feature/SuperAdminSessionMiddlewareTest.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Tests\Feature;
+
+use App\Http\Middleware\UseSuperAdminSession;
+use Illuminate\Http\Request;
+use Tests\TestCase;
+
+class SuperAdminSessionMiddlewareTest extends TestCase
+{
+    public function test_middleware_sets_super_admin_session_cookie(): void
+    {
+        config(['session.cookie' => 'laravel_session']);
+
+        $middleware = new UseSuperAdminSession;
+        $request = Request::create('/super-admin', 'GET');
+
+        $middleware->handle($request, function () {
+            return response('ok');
+        });
+
+        $this->assertSame('super_admin_session', config('session.cookie'));
+    }
+}