How to custom redirect after authorization
This tutorial https://filamentphp.com/docs/3.x/panels/resources/getting-started#authorization, but not mention redirecting after authorization.
Who anyone help me, please? Thank you very much!
11 Replies
For authENTICATion, Filament just redirects to the expected page, determined by:
- did the user try to access a page that requires auth before accessing? If yes, it redirects to that page
- else, it redirects to the first "page" of the panel they logged in to ... which is usually the first Dashboard they have authorization to see
It doesn't give you control to override that.
You might be able to extend the default Filament Authentication middleware to control redirects, but there is some complex logic in deeper layers that are also intertwined with tenancy detection stuff.
There might be more control available, but the above is what I've learned from my own projects.
Thanks, @DrByte !
That said, here's an example of overriding the default middleware: https://discord.com/channels/883083792112300104/1181573811104124939/1181605317889490995
Thanks, @DrByte !
What about on the Resource Page?
OH ... I'm sorry, I should have spotted more clearly that you said AUTHORIZATION, not AUTHENTICATION, but most of my answers were about Authentication.
Can you describe more about why you want to redirect based on "authorization"? Some examples, please.
I used Spatie Laravel Permission when checking permission access, if true, it can access to page list, if false, I want to redirect to another page.
By default Filament just throws a 403-Forbidden if not authorized to the page.
It normally prevents that from being necessary if you use Model Policies to control who can access certain things, and then avoids even giving them the navigation options to access those forbidden things ... which means they should never even have a button/link to click to take them to those unauthorized places anyway.
So, wherever possible, just create a Laravel model policy for the Model that your Resource controls records for. And inside the Policy methods you can define the rules for which permissions will allow them to be accessed.
By default Filament just throws a 403-Forbidden, Do you have a way to redirect it ?
From what I can tell from digging in the code, no.
I suppose you could hook the 403 exception in an exception handler, and do something from there. The safest choice would be to send them back to the previous page they came from. But if they're visiting the page directly from a link from an email or bookmark, then you won't have the "back" option.
Thank you very much, @DrByte
What I've usually done, and I'm somewhat satisfied with it, is a custom 403 error page. On that page I provide some friendly text and a link to "home" so they can try the normal navigation. https://laravel.com/docs/master/errors#custom-http-error-pages
Laravel - The PHP Framework For Web Artisans
Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the small things.