Password Confirmation for Edit Profile page
Password Confirmation to view Profile page
Hi π
I am using
->profile on one of my panels and want to have password confirmation (preferably in a modal) before being able to access the Edit Profile form. Following https://v2.filamentphp.com/tricks/password-confirmation-action I have created PasswordAction and tried to add it within AdminPanelProvider
which gives the following error
Filament\Panel::Filament\Panel\Concerns\{closure}(): Argument #1 ($item) must be of type Filament\Navigation\MenuItem, Filament\Actions\Action given
Any ideas if this is feasible and how to approach it?
Thanks πFilament
Password confirmation action by Jeff Greco - Tricks - Filament
Filament is a collection of tools for rapidly building beautiful TALL stack apps, designed for humans.
awcodesβ’261d ago
do you even need it, why not just put a guard / policy in place so that only the authenticated user can view the page.
deploynotfoundβ’261d ago
There are requirements I have been given that say we need a PasswordConfirmation modal (could even be a screen) before accessing the Edit Profile and potentially changing the account information of the currently logged-in/authed User.
So it is needed I'm just looking for whether it's possible to do this for a panels link before I end up creating a custom page just to add an action or middleware in front of it
awcodesβ’261d ago
Just confused why the profile page would load any data that is not the logged in users data. And if the profile users Iβd in in the url then a policy could be used to make it so only the logged in user can access their own profile. These two approaches are what makes it safe. A password confirmation isnβt going to be safe if that password could be guessed or hacked.
But as your error implies, you canβt just pass an action to the menu builder it would have to be a menuItem that has an action on it.
deploynotfoundβ’261d ago
To try and clarify a little further. The use case is that in a busy industry a user could potentially leave their user logged in on a system that is potentially accessible by other members of staff.
Therefore an additional safeguard of asking for the user's password before changing their account information is required.
Generally though it isn't uncommon for applications to require a user to confirm their password before the action is performed.I'm trying to implement functionality similar to Laravel Jetstream https://jetstream.laravel.com/features/password-confirmation.html π€
Is it possible to add an action to https://github.com/filamentphp/filament/blob/3.x/packages/panels/src/Navigation/MenuItem.php if it is then that is a route I could take. Do you know of any examples of how that can be done?
awcodesβ’261d ago
only way i can think to put an action in the user menu is with a renderhook, but that's going to put it at the top or bottom of the menu if you're ok with that.
And I get what you are saying, but I still feel the approach is wrong based on your use case. If you're worried about people leaving their apps open then you it would be better to expire their session after x amount of time.
I mean changing someones profile is the least of your problems if the non logged in user can use that account to change other data, ie add / delete other users with inappropriate permissions.
Andrew Walloβ’259d ago
@deploynotfound If you are asking to do something similar to Laravel Jetstream, then just use a Confirmation model with a form inside with the password. https://filamentphp.com/docs/3.x/actions/modals#confirmation-modals
Andrew Walloβ’259d ago
@deploynotfound A policy check, or really anything on the Edit Profile page, could open the modal on visitation of the page, and ask the user for their password before continuing. If the user fails the password confirmation you can do whatever you want such as redirecting them back to the previous page they were on or logging them out of the application, etc...
deploynotfoundβ’249d ago
Thank you both for your responses! We are going to try opening a modal on the visitation of the edit page itself rather than trying to add a action/hook that it fired on click of Edit Profile π
Andrew Walloβ’249d ago
Sounds good, your welcome.
Filament is a collection of beautiful full-stack components for Laravel.You can get help using it on our Discord.
15KMembers
View on DiscordWant results from more Discord servers?
More PostsV2 - Index/list page additional button next to the 'New ...' buttonTitle sums this up - in a V2 app I need to add an action (to open a modal) from a button placed nextTextInput "prefix" not showingWhy does the "prefix" on TextInput not show? Any ideas? Did I miss something?SpatieMediaLibraryFileUpload: Display original file nameHi
Any ideas on how I can display the original file name when using SpatieMediaLibraryFileUpload?
OHow to show user specific data on a page in a new panel?I created a new panel ('app'), and I want this panel to be accessible for non-admin users. The user How to Reload Dashboard Widget from Other Widget after Modal Action?I have 2 admin widget: borrowed list widget and returned lists widget.
on borrowed lists widget i Info List builder Actions ErrorI get this error, what am I doing wrong here.Prevent select option re-rendering in SelectInputHi, I am using a SelectInput that looks something like this
```php
Select::make('test')->options(PoRunning an action before fetch of a resourceIs it possible to execute code before a resource gets fetched from the database? so like every time How to add a sum of related fields in Form/Components/sectionSo I have a side panel next to my Leads form,
```
Forms\Components\Section::make()Hide a Toggle field depending on Select optionFor some reason, I can't make it work. Here's what I did:
Select::make('roles')
->relationshipopen modal with jsI have created custom page which has a modal , I want to open the modal using js after an event , buSet all column titles to headline()Hi- I have lots of two-word column names, and I'd prefer table columns to use headline case, eg "CreHow to update form query after livewire parameter changeI currently have this code in a child component: ```php
class BanTable extends Component implements Is it possible to run jobs after a form is submitted?I have been trying to run a job that alters a different table in the same database after the form isCan i inject methods to Component like inputi need to inection a new method to input component
like trait
use Cloneable;
use HasActionsdatetime picker multipleits possible to make the datetimepickermultiple ? or do you know any package?
I can't found anythingwhen my controller is run can i update live wireWhen my controller function is run can i update liveware like emit actionPreload a relationship select if a parent select has a valueI'm currently creating a form where the user can pick an item, either by starting from the very firsConfigurable string prefix to singular resource model nameI have attached a picture.
The text in english would be "Create a {singular model name}". That prefiSelect options don't update when using "javascript" selectHi,
i am not sure if there's a better way, or i am using. wrong method, but here's what's happening