super.admin login bringt nun keinen Fehler 419 mehr
@@ -2,14 +2,13 @@
|
||||
|
||||
namespace App\Filament\SuperAdmin\Pages\Auth;
|
||||
|
||||
use Filament\Auth\Http\Responses\Contracts\LoginResponse as LoginResponseContract;
|
||||
use Filament\Auth\Pages\Login as BaseLogin;
|
||||
use Filament\Facades\Filament;
|
||||
use Filament\Forms\Components\Checkbox;
|
||||
use Filament\Forms\Components\TextInput;
|
||||
use Filament\Forms\Concerns\InteractsWithForms;
|
||||
use Filament\Forms\Contracts\HasForms;
|
||||
use Filament\Auth\Pages\Login as BaseLogin;
|
||||
use Filament\Auth\Http\Responses\LoginResponse;
|
||||
use Filament\Auth\Http\Responses\Contracts\LoginResponse as LoginResponseContract;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Validation\ValidationException;
|
||||
|
||||
class Login extends BaseLogin implements HasForms
|
||||
@@ -22,16 +21,18 @@ class Login extends BaseLogin implements HasForms
|
||||
|
||||
$credentials = $this->getCredentialsFromFormData($data);
|
||||
|
||||
if (! Auth::attempt($credentials, $data['remember'] ?? false)) {
|
||||
$authGuard = Filament::auth();
|
||||
|
||||
if (! $authGuard->attempt($credentials, $data['remember'] ?? false)) {
|
||||
throw ValidationException::withMessages([
|
||||
'data.email' => __('auth.failed'),
|
||||
]);
|
||||
}
|
||||
|
||||
$user = Auth::user();
|
||||
$user = $authGuard->user();
|
||||
|
||||
if (! $user->email_verified_at) {
|
||||
Auth::logout();
|
||||
$authGuard->logout();
|
||||
|
||||
throw ValidationException::withMessages([
|
||||
'data.email' => 'Your email address is not verified. Please check your email for a verification link.',
|
||||
@@ -40,7 +41,7 @@ class Login extends BaseLogin implements HasForms
|
||||
|
||||
// SuperAdmin-spezifisch: Prüfe auf SuperAdmin-Rolle, keine Tenant-Prüfung
|
||||
if ($user->role !== 'super_admin') {
|
||||
Auth::logout();
|
||||
$authGuard->logout();
|
||||
|
||||
throw ValidationException::withMessages([
|
||||
'data.email' => 'You do not have access to the SuperAdmin panel. Contact support.',
|
||||
@@ -82,4 +83,4 @@ class Login extends BaseLogin implements HasForms
|
||||
->label('Remember me'),
|
||||
];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
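Review bot: The `email_verified_at` and `role !== 'super_admin'` checks run only after `$authGuard->attempt()` has already logged the user in, so this login page is the only gate shown here that keeps a non-super-admin out of the panel. If the user model does not also enforce the role in `canAccessPanel()`, a session that reaches the same guard by another path would skip the check; that method is not visible on this page, so it should be confirmed. `authenticate()` begins above the hunk, so whether this override still applies Filament's login rate limit cannot be seen here and is worth verifying as well.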
@@ -30,6 +30,7 @@ class Kernel extends HttpKernel
|
||||
*/
|
||||
protected $middlewareGroups = [
|
||||
'web' => [
|
||||
\App\Http\Middleware\UseSuperAdminSession::class,
|
||||
\App\Http\Middleware\EncryptCookies::class,
|
||||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||
\Illuminate\Session\Middleware\StartSession::class,
|
||||
|
||||
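Review bot: The position of `UseSuperAdminSession` ahead of `StartSession` is load-bearing but undocumented: the middleware only changes `session.cookie` in config, so it has no effect if it is ever moved below `StartSession`. A comment on the new line would make that explicit, for example `// Must stay before StartSession: selects the session cookie name per request.` Registering it in the `web` group also means it now runs for every web route rather than only the super-admin panel. The `$middlewareGroups` array continues past the end of the hunk.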
@@ -4,6 +4,7 @@ namespace App\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Str;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class UseSuperAdminSession
|
||||
@@ -15,8 +16,26 @@ class UseSuperAdminSession
|
||||
*/
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
config(['session.cookie' => 'super_admin_session']);
|
||||
if ($this->shouldUseSuperAdminSession($request)) {
|
||||
config(['session.cookie' => 'super_admin_session']);
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
protected function shouldUseSuperAdminSession(Request $request): bool
|
||||
{
|
||||
if (Str::startsWith($request->path(), 'super-admin')) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$referer = $request->headers->get('referer');
|
||||
if (! $referer) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$refererPath = parse_url($referer, PHP_URL_PATH);
|
||||
|
||||
return is_string($refererPath) && Str::startsWith(ltrim($refererPath, '/'), 'super-admin');
|
||||
}
|
||||
}
|
||||
|
||||
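Review bot: `shouldUseSuperAdminSession()` selects the session cookie from the `Referer` header, which is client-supplied and may be stripped by referrer policies, and it checks only the header's path, never its host. Since the middleware now sits in the `web` group, a request to any web route with a Referer path beginning with `super-admin` is handled with the `super_admin_session` cookie, while a panel request to a non-`super-admin` path that arrives without a Referer falls back to the default session. The bare prefix test also matches paths such as `super-administration`. At minimum require `parse_url($referer, PHP_URL_HOST) === $request->getHost()` and match on a segment boundary, e.g. `$request->is('super-admin', 'super-admin/*')`. `handle()` also never resets `session.cookie` when the check fails, which matters if the app runs on a long-lived worker.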
@@ -11,7 +11,6 @@ use App\Filament\Widgets\PlatformStatsWidget;
|
||||
use App\Filament\Widgets\RevenueTrendWidget;
|
||||
use App\Filament\Widgets\TopTenantsByRevenue;
|
||||
use App\Filament\Widgets\TopTenantsByUploads;
|
||||
use App\Http\Middleware\UseSuperAdminSession;
|
||||
use Boquizo\FilamentLogViewer\FilamentLogViewerPlugin;
|
||||
use Filament\Http\Middleware\Authenticate;
|
||||
use Filament\Http\Middleware\DisableBladeIconComponents;
|
||||
@@ -73,7 +72,6 @@ class SuperAdminPanelProvider extends PanelProvider
|
||||
])
|
||||
->middleware([
|
||||
EncryptCookies::class,
|
||||
UseSuperAdminSession::class,
|
||||
AddQueuedCookiesToResponse::class,
|
||||
StartSession::class,
|
||||
AuthenticateSession::class,
|
||||
|
||||