super.admin login bringt nun keinen Fehler 419 mehr

Codex Agent
2025-12-23 09:25:59 +01:00
parent 77fc8015e7
commit 826e2a93ce
6 changed files with 62 additions and 13 deletions


@@ -2,14 +2,13 @@
namespace App\Filament\SuperAdmin\Pages\Auth;
use Filament\Auth\Http\Responses\Contracts\LoginResponse as LoginResponseContract;
use Filament\Auth\Pages\Login as BaseLogin;
use Filament\Facades\Filament;
use Filament\Forms\Components\Checkbox;
use Filament\Forms\Components\TextInput;
use Filament\Forms\Concerns\InteractsWithForms;
use Filament\Forms\Contracts\HasForms;
use Filament\Auth\Pages\Login as BaseLogin;
use Filament\Auth\Http\Responses\LoginResponse;
use Filament\Auth\Http\Responses\Contracts\LoginResponse as LoginResponseContract;
use Illuminate\Support\Facades\Auth;
use Illuminate\Validation\ValidationException;
class Login extends BaseLogin implements HasForms
@@ -22,16 +21,18 @@ class Login extends BaseLogin implements HasForms
$credentials = $this->getCredentialsFromFormData($data);
if (! Auth::attempt($credentials, $data['remember'] ?? false)) {
$authGuard = Filament::auth();
if (! $authGuard->attempt($credentials, $data['remember'] ?? false)) {
throw ValidationException::withMessages([
'data.email' => __('auth.failed'),
]);
}
$user = Auth::user();
$user = $authGuard->user();
if (! $user->email_verified_at) {
Auth::logout();
$authGuard->logout();
throw ValidationException::withMessages([
'data.email' => 'Your email address is not verified. Please check your email for a verification link.',
@@ -40,7 +41,7 @@ class Login extends BaseLogin implements HasForms
// SuperAdmin-spezifisch: Prüfe auf SuperAdmin-Rolle, keine Tenant-Prüfung
if ($user->role !== 'super_admin') {
Auth::logout();
$authGuard->logout();
throw ValidationException::withMessages([
'data.email' => 'You do not have access to the SuperAdmin panel. Contact support.',
@@ -82,4 +83,4 @@ class Login extends BaseLogin implements HasForms
->label('Remember me'),
];
}
}
}
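Review bot: The first hunk of this file shows `use Filament\Auth\Pages\Login as BaseLogin;` and the `LoginResponseContract` alias each twice; the rendered view has lost the +/- markers, so confirm that only one copy of each survives on the new side, because PHP rejects a second `use` of the same alias with a fatal "name already in use" error. In the second hunk the guard now comes from `Filament::auth()` instead of the default `Auth` facade, which is what a separate super-admin guard needs, but the remainder of the method is outside the hunk: Filament's stock login regenerates the session after a successful `attempt()`, and if this override does not call `session()->regenerate()` the pre-login session id is kept across authentication. The role check rejects non-super-admins only after `attempt()` has already logged the user in; the `$authGuard->logout()` on that path is what makes the check safe, so a short comment such as `// attempt() already authenticated the session; undo it before rejecting` would keep a later refactor from dropping it.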


@@ -30,6 +30,7 @@ class Kernel extends HttpKernel
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\UseSuperAdminSession::class,
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
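Review bot: `UseSuperAdminSession::class` only works from this position because it runs before `StartSession::class`, which is where `session.cookie` is read; nothing in the group records that ordering constraint. Add `// Must precede StartSession: selects the session cookie name per request.` above the entry so a reordering of the `web` group does not silently reintroduce the 419. Moving the middleware from the panel provider into the global group also means every web request now pays the path/referer check, which is cheap but worth a word in the same comment.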


@@ -4,6 +4,7 @@ namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Symfony\Component\HttpFoundation\Response;
class UseSuperAdminSession
@@ -15,8 +16,26 @@ class UseSuperAdminSession
*/
public function handle(Request $request, Closure $next): Response
{
config(['session.cookie' => 'super_admin_session']);
if ($this->shouldUseSuperAdminSession($request)) {
config(['session.cookie' => 'super_admin_session']);
}
return $next($request);
}
protected function shouldUseSuperAdminSession(Request $request): bool
{
if (Str::startsWith($request->path(), 'super-admin')) {
return true;
}
$referer = $request->headers->get('referer');
if (! $referer) {
return false;
}
$refererPath = parse_url($referer, PHP_URL_PATH);
return is_string($refererPath) && Str::startsWith(ltrim($refererPath, '/'), 'super-admin');
}
}
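Review bot: `shouldUseSuperAdminSession()` selects the session cookie from a client-supplied Referer using a bare prefix match, so a path such as `/super-administrator/...` or a `/super-admin/...` path on a foreign host also switches the request to `super_admin_session`; the direct-path branch has the same prefix looseness. Requests whose referer is stripped (a strict `Referrer-Policy`, privacy extensions) will still fall back to the default session and hit the 419 this commit is fixing, which is worth a comment on the fallback. The rewrite below tightens the path match with `$request->is('super-admin', 'super-admin/*')`, accepts the referer only when its host matches `$request->getHost()`, and documents why the referer is consulted at all; the new referer test would then need a same-host referer, since `Request::create()` defaults to `localhost`.
```php
protected function shouldUseSuperAdminSession(Request $request): bool
{
    // Direct panel requests: exact segment match, so "super-administrator" does not qualify.
    if ($request->is('super-admin', 'super-admin/*')) {
        return true;
    }

    // Livewire posts to /livewire/update; the referer is the only hint that the
    // component belongs to the super-admin panel. Honour it only for the same host,
    // since the header is chosen by the client.
    $referer = $request->headers->get('referer');
    if (! is_string($referer) || $referer === '') {
        return false;
    }

    $refererHost = parse_url($referer, PHP_URL_HOST);
    if (! is_string($refererHost) || strcasecmp($refererHost, $request->getHost()) !== 0) {
        return false;
    }

    $refererPath = parse_url($referer, PHP_URL_PATH);
    if (! is_string($refererPath)) {
        return false;
    }

    $refererPath = ltrim($refererPath, '/');

    return $refererPath === 'super-admin' || Str::startsWith($refererPath, 'super-admin/');
}
```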


@@ -11,7 +11,6 @@ use App\Filament\Widgets\PlatformStatsWidget;
use App\Filament\Widgets\RevenueTrendWidget;
use App\Filament\Widgets\TopTenantsByRevenue;
use App\Filament\Widgets\TopTenantsByUploads;
use App\Http\Middleware\UseSuperAdminSession;
use Boquizo\FilamentLogViewer\FilamentLogViewerPlugin;
use Filament\Http\Middleware\Authenticate;
use Filament\Http\Middleware\DisableBladeIconComponents;
@@ -73,7 +72,6 @@ class SuperAdminPanelProvider extends PanelProvider
])
->middleware([
EncryptCookies::class,
UseSuperAdminSession::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
AuthenticateSession::class,


@@ -377,5 +377,6 @@ Route::middleware('auth')->group(function () {
});
Route::post('/paddle/webhook', [PaddleWebhookController::class, 'handle'])
->withoutMiddleware([\App\Http\Middleware\VerifyCsrfToken::class])
->middleware('throttle:paddle-webhook')
->name('paddle.webhook');
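Review bot: `->middleware('throttle:paddle-webhook')` refers to a named limiter that must be registered with `RateLimiter::for('paddle-webhook', ...)` somewhere outside this diff; if that registration is missing the throttle middleware throws on every webhook delivery, so confirm it exists and add `// limiter defined in RateLimiter::for('paddle-webhook', ...)` next to this line. A limiter keyed on the caller's IP can also reject legitimate retries when the payment provider bursts, so the chosen budget deserves a comment here stating what it is sized for. This change is unrelated to the 419 fix in the commit title and would be easier to audit as its own commit.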


@@ -8,7 +8,7 @@ use Tests\TestCase;
class SuperAdminSessionMiddlewareTest extends TestCase
{
public function test_middleware_sets_super_admin_session_cookie(): void
public function test_middleware_sets_super_admin_session_cookie_for_super_admin_routes(): void
{
config(['session.cookie' => 'laravel_session']);
@@ -21,4 +21,33 @@ class SuperAdminSessionMiddlewareTest extends TestCase
$this->assertSame('super_admin_session', config('session.cookie'));
}
public function test_middleware_sets_super_admin_session_cookie_for_livewire_requests_with_super_admin_referer(): void
{
config(['session.cookie' => 'laravel_session']);
$middleware = new UseSuperAdminSession;
$request = Request::create('/livewire/update', 'POST');
$request->headers->set('referer', 'https://fotospiel.test/super-admin/login');
$middleware->handle($request, function () {
return response('ok');
});
$this->assertSame('super_admin_session', config('session.cookie'));
}
public function test_middleware_keeps_default_session_cookie_for_regular_routes(): void
{
config(['session.cookie' => 'laravel_session']);
$middleware = new UseSuperAdminSession;
$request = Request::create('/checkout', 'GET');
$middleware->handle($request, function () {
return response('ok');
});
$this->assertSame('laravel_session', config('session.cookie'));
}
}
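Review bot: The new tests cover a matching referer and a regular route with no referer, but not the case that distinguishes the referer branch from a blanket switch: a POST to `/livewire/update` whose referer is a non-super-admin page, e.g. `$request->headers->set('referer', 'https://fotospiel.test/dashboard');` followed by `$this->assertSame('laravel_session', config('session.cookie'));`. Each test also leaves `session.cookie` mutated by the middleware and relies on the next test resetting it first, which is fine while every test starts with `config(['session.cookie' => 'laravel_session'])` but should be stated in a short class-level comment so a future test without that line does not become order-dependent.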