#Need advice on the login logic of my application

grim raft
#

Hi, I need some advice on the connection logic of the application I am currently working on and on the implementation I have already set up.
To put it simply, to access the application, one must be logged in. At the user level, there are 2 access levels:

  • Administrators: who can access the application and the Filament dashboard;
  • Clients who can access the application, but not the Filament dashboard.

I would like to use the Filament login form, which perfectly matches my expectations.

So, for that, I modified the Filament Login class and the toResponse() method to handle redirection based on whether the user is an administrator or a client.

public function toResponse($request): Redirector|RedirectResponse
{
    $user = Filament::auth()->user();
    $intendedUrl = session()->get('url.intended', '/');

    if (str_contains($intendedUrl, '/admin')) {
        if ($user->hasRole('super_admin')) {
            return redirect()->to(Filament::getUrl());
        }
        return redirect()->to(route('home'));
    }

    return redirect()->to(route('home'));
}

The idea is to manage the redirection based on the base URL and the user role.
I also created a home route with a custom Middleware (RedirectIfNotAuthenticated):

Route::get('/', function () {
    return view('welcome');
})->middleware('custom.auth')->name('home');

class RedirectIfNotAuthenticated
{
    public function handle(Request $request, Closure $next): Response
    {
        if (!auth()->check()) {
            return redirect()->route('filament.admin.auth.login');
        }
        return $next($request);
    }
}

Everything seems to be working correctly; the only "hiccup" is that the login URL remains tied to admin/login and I have the feeling we can't change it (or perhaps I just haven't found how...).

Does that seem correct to you? Or is there a more optimal approach?
Thank you in advance for your advice 🙂

valid crystal
#

You can just clone the login class completely, remove the filamentphp ->login() and have it as a standalone livewire login class. After logging in you decide where to go.

#

All login() does is redirect you to the login class and register the route to access it.

grim raft
#

Thank you for your response.
I thought about it at first, but I wasn't quite sure how to retrieve the entire nested layout of Filament (not just the login form but HTML, body, ...), which I feel are other Livewire components.

Knowing that I will also need to do the same with the passwordReset. The whole thing seemed a bit tricky to me, but I might be mistaken... 😅

And the advantage here is that I can put it on Filament without having to tweak my views...
Aside from the URL, do you see any potential issues with what I’ve implemented?

valid crystal
#

Just add the route to your main routes config:

Route::get('login', LoginClass::class)->name('login');

Then go to login...
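
Added example, not part of the thread or any participant's code: the post-login redirect discussed above only decides where a user lands, so the admin/client split should be enforced by the panel itself and the redirect should reuse that same decision. The sketch assumes Filament v3, spatie/laravel-permission as the source of `hasRole()`, a panel id of `admin` (taken from the `filament.admin.auth.login` route name), and a hypothetical `App\Http\Responses` location for the response class.

```php
<?php
// Added example. Assumes Filament v3 and spatie/laravel-permission (for hasRole()).
// --- app/Models/User.php ---
namespace App\Models;

use Filament\Models\Contracts\FilamentUser;
use Filament\Panel;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Spatie\Permission\Traits\HasRoles;

class User extends Authenticatable implements FilamentUser
{
    use HasRoles;

    // Filament checks this on every panel request, so a client who opens
    // /admin directly is refused regardless of where login redirected them.
    public function canAccessPanel(Panel $panel): bool
    {
        return $panel->getId() === 'admin' && $this->hasRole('super_admin');
    }
}

// --- app/Http/Responses/LoginResponse.php (hypothetical location) ---
namespace App\Http\Responses;

use Filament\Facades\Filament;
use Filament\Http\Responses\Auth\Contracts\LoginResponse as LoginResponseContract;
use Illuminate\Http\RedirectResponse;
use Livewire\Features\SupportRedirects\Redirector;

class LoginResponse implements LoginResponseContract
{
    public function toResponse($request): RedirectResponse|Redirector
    {
        $user = Filament::auth()->user();
        // url.intended may hold a full URL; compare its path only, so a query
        // string or unrelated segment containing "/admin" does not match.
        $path = (string) parse_url(session()->get('url.intended', '/'), PHP_URL_PATH);
        $wantsPanel = $path === '/admin' || str_starts_with($path, '/admin/');

        if ($wantsPanel && $user->canAccessPanel(Filament::getCurrentPanel())) {
            return redirect()->to(Filament::getUrl());
        }

        // Forget the stored target so a client is not sent to /admin later.
        session()->forget('url.intended');
        return redirect()->route('home');
    }
}
```

For the response class to take effect it has to be bound to Filament's `LoginResponse` contract in a service provider.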