Filament•2y ago

Disable login

Hi I'm buildinf a Laravel + Jetstream + Filament APP How can I disable Filament Login? and only use Jetstream login / register.

38 Replies

awcodes•2y ago

Remove ->login() from the panel.?

PabloZagniOP•2y ago

Yes!

Matthew•2y ago

Hmmm, for some reason I get ths error

Matthew•2y ago

class AdminPanelProvider extends PanelProvider
{
    public function panel(Panel $panel): Panel
    {
        return $panel
            ->default()
            ->id('admin')
            ->path('admin')
            // ->login()
            ->colors([
                'primary' => Color::Amber,
            ])
            ->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
            ->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
            ->pages([
                Pages\Dashboard::class,
            ])
            ->discoverWidgets(in: app_path('Filament/Widgets'), for: 'App\\Filament\\Widgets')
            ->widgets([
                Widgets\AccountWidget::class,
                Widgets\FilamentInfoWidget::class,
            ])
            ->middleware([
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                AuthenticateSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                SubstituteBindings::class,
                DisableBladeIconComponents::class,
                DispatchServingFilamentEvent::class,
            ])
            ->authMiddleware([
                Authenticate::class,
            ]);
    }
}

class AdminPanelProvider extends PanelProvider
{
    public function panel(Panel $panel): Panel
    {
        return $panel
            ->default()
            ->id('admin')
            ->path('admin')
            // ->login()
            ->colors([
                'primary' => Color::Amber,
            ])
            ->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
            ->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
            ->pages([
                Pages\Dashboard::class,
            ])
            ->discoverWidgets(in: app_path('Filament/Widgets'), for: 'App\\Filament\\Widgets')
            ->widgets([
                Widgets\AccountWidget::class,
                Widgets\FilamentInfoWidget::class,
            ])
            ->middleware([
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                AuthenticateSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                SubstituteBindings::class,
                DisableBladeIconComponents::class,
                DispatchServingFilamentEvent::class,
            ])
            ->authMiddleware([
                Authenticate::class,
            ]);
    }
}

I just want to be able to access the site, but without login @PabloZagni Did you have the same issue, or did it work immediately? Did you do anything else? I tried using ->login(null) but that didnt work

awcodes•2y ago

That’s odd since Jetstream defines a login named route. Maybe a route cache issue.

Matthew•2y ago

I dont think so. Its from a fresh project

Matthew•2y ago

Even when clearing the cache

toeknee•2y ago

So actually just redirect login to login So: Route::redirect('/manage/login', '/login'); It's how I handle it in my jetstream app

Matthew•2y ago

OK, this might sound a bit dumb, but isnt jetstream already with livewire/filament? I didnt find anything about jetstream in the filament docs

toeknee•2y ago

You wouldn't No it isn't jetstream has nothing to do with filament, but I use jetstream on a project and use the above redirect to resolve the forcing of login pages

Matthew•2y ago

Oh, hmm. Then by removing the login(), why do you need jetsream to access without login() Im not sure if im understanding this right

toeknee•2y ago

The above doesn't disable it, it just redirects it. So you have your route that always works, so we redirect it tto that root. /manage/login is my panel login page

Matthew•2y ago

Also if you are disabling the login, shouldnt it be Route::redirect('/manage/login', '/manage');? Why redirect to login? What I want is to be able to access the website without having to login. Is that possible? No login panel whatsoever, just directly to the site

toeknee•2y ago

Because I don't think you can remove login because the application if you define login will look to login you to the panel, not to the primary route for access. But I haven't played so much with V3, and that's how dan recommended we handled it in V2.

Matthew•2y ago

Should I maybe make a new thread and tag Dan? He surely knows more

toeknee•2y ago

No, don't create threads tag please. It's against our #✅┊rules Give me a second to review

Matthew•2y ago

OK no, I meant it as a new help thread

Matthew•2y ago

Arent these called threads? xd

toeknee•2y ago

Yeah tagging full stop unless they know about it is against our rules.

Matthew•2y ago

Ah okk

toeknee•2y ago

let me try with my v3 jetstream app one minute ok Dennis is right, remove ->login() completely. run: php artisan cache:clear then access your standard jetstream login page.

Matthew•2y ago

<?php

use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "web" middleware group. Make something great!
|
*/

Route::get('/', function () {
    return view('welcome');
});

Route::redirect('/admin/login', '/login');

Route::middleware([
    'auth:sanctum',
    config('jetstream.auth_session'),
    'verified',
])->group(function () {
    Route::get('/dashboard', function () {
        return view('dashboard');
    })->name('dashboard');
});

<?php

use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "web" middleware group. Make something great!
|
*/

Route::get('/', function () {
    return view('welcome');
});

Route::redirect('/admin/login', '/login');

Route::middleware([
    'auth:sanctum',
    config('jetstream.auth_session'),
    'verified',
])->group(function () {
    Route::get('/dashboard', function () {
        return view('dashboard');
    })->name('dashboard');
});

It still asks me to to log in

Matthew•2y ago

class AdminPanelProvider extends PanelProvider
{
    public function panel(Panel $panel): Panel
    {
        return $panel
            ->default()
            ->id('admin')
            ->path('admin')
            // ->profile(false)
            ->colors([
                'primary' => Color::Amber,
            ])
            ->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
            ->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
            ->pages([
                Pages\Dashboard::class,
            ])
            ->discoverWidgets(in: app_path('Filament/Widgets'), for: 'App\\Filament\\Widgets')
            ->widgets([
                Widgets\AccountWidget::class,
                Widgets\FilamentInfoWidget::class,
            ])
            ->middleware([
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                AuthenticateSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                SubstituteBindings::class,
                DisableBladeIconComponents::class,
                DispatchServingFilamentEvent::class,
            ])
            ->authMiddleware([
                Authenticate::class,
            ]);
    }
}

class AdminPanelProvider extends PanelProvider
{
    public function panel(Panel $panel): Panel
    {
        return $panel
            ->default()
            ->id('admin')
            ->path('admin')
            // ->profile(false)
            ->colors([
                'primary' => Color::Amber,
            ])
            ->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
            ->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
            ->pages([
                Pages\Dashboard::class,
            ])
            ->discoverWidgets(in: app_path('Filament/Widgets'), for: 'App\\Filament\\Widgets')
            ->widgets([
                Widgets\AccountWidget::class,
                Widgets\FilamentInfoWidget::class,
            ])
            ->middleware([
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                AuthenticateSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                SubstituteBindings::class,
                DisableBladeIconComponents::class,
                DispatchServingFilamentEvent::class,
            ])
            ->authMiddleware([
                Authenticate::class,
            ]);
    }
}

awcodes•2y ago

What exactly are you trying to do? By default access to filament panels requires a logged in user.

Matthew•2y ago

Hmm, well that complicates things. I want a panel that users can access without logging in with an account

awcodes•2y ago

Check the PRs on GitHub. There was a recent one that allows to bypass it. Not sure how it’s implemented though. I will say to be very careful with it though. 🙂

Matthew•2y ago

Oke! Is it also possible to make a guest user, and the panel just automatically logs in the (guest) user

awcodes•2y ago

Yes.

Matthew•2y ago

How would the autologin work though?

awcodes•2y ago

You over ride the login class and just use laravel’s convention to log them in. So in that case you would need the ->login() Personally I’ve never understood how an auto login guest works. Seems to me that could create issues with the same user logged in on 100s or more different machine. I’m probably wrong though.

Matthew•2y ago

ok screw it, I could just make a laravel/livewire page I dont want users to CRUD any data Actually Just read NOthing else Thank you for the help!

awcodes•2y ago

That’s what I would have done to start with. 🙂

toeknee•2y ago

Righttttt so that's what you were doing wrong hehe. You can actually also create a guest user and enable the login page again but auto-login as guest removing the need for login 😉

Matthew•2y ago

This is what I did:

Route::get('/admin', function () {
    return redirect('admin');
});

Route::get('/', MainPage::class);

Route::get('/admin', function () {
    return redirect('admin');
});

Route::get('/', MainPage::class);

Stupid question: even though im technically not authentucated, users cannot perform sql injections, right? Thats purely laravel protection? I want to have a table that users can just read As long as I dont add a form or actions that perform queries, its safe, right?

awcodes•2y ago

As long as you have policies in place for your models you should be fine.

S. Mert ÖZTÜRK•2y ago

@Matthew Give mysql user to only read privilege, or in your db just do this; ALTER DATABASE database_name READ ONLY = 1; by this way and with awcodes way, no one can not write any new row on your db

Matthew•2y ago

Thank youu!

Gaming

Programming

Disable login

Did you find this page helpful?