#Best method of tapping into authentication for add'l check?

3 messages · Page 1 of 1 (latest)

scarlet vaultBOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

pseudo chasm
#

I copied the Authenticate class as middleware, and I can return a 403 error like this abort_if($user->isActive() == false, 403);.

But if the user goes back to the main url, I notice that it tries to navigate to the panel as if they're logged in, so it's still logging them in it seems. It still gives the 403 error, but I want to prevenet them from logging in entirely.

pseudo chasm
#

Trying to add a middleware and I'm apparently missing something.

class RequiresActiveUser
{
    public function handle($request, $next)
    {
        if ($request->user()->isActive()) {
            return $next($request);
        }

        Filament::auth()->logout();

        throw new AuthenticationException(
            'Unauthenticated.',
            [Filament::getAuthGuard()],
        );
    }
}