F
Filament7mo ago
Tiago Moises

filament not login inactive user?

I managed to implement it using the code below: public function canAccessPanel(Panel $panel): bool { return $this->is_active == true ; } The problem is that it returns page 403 FORBIDDEN, and I can no login access the admin/login route to log in with another user. It always stays on page 403 FORBIDDEN What solution to this problem?
7 Replies
jaocero
jaocero7mo ago
You can delete the session in the browser session storage and try to refresh the page again.
Hussain4real
Hussain4real7mo ago
Is the user you're trying to login with has the 'is_active' attribute to be true?
Tiago Moises
Tiago Moises7mo ago
Even if I type the url /admin/login it is not directed to the login screen. It is only on screen 403 I wouldn't want to do that, but it will be an option at the moment. Tks
Hussain4real
Hussain4real7mo ago
That's because the session is still active Try the url/dashboard for default Laravel, there you will know if the user is logged in then you can logout
Rahman Ramsi
Rahman Ramsi7mo ago
you can use a middleware to check if the user is active, if not then logout the user
Watoka
Watoka7mo ago
I use this: 
namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class EnsureUserIsActive
{

    public function handle(Request $request, Closure $next)
    {
        if (!$request->user()->isActive()) {
            \Session::flush();
            abort(403, 'Your account is inactive.');
        } else {
            return $next($request);
        }
    }
}
namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class EnsureUserIsActive
{

    public function handle(Request $request, Closure $next)
    {
        if (!$request->user()->isActive()) {
            \Session::flush();
            abort(403, 'Your account is inactive.');
        } else {
            return $next($request);
        }
    }
}
And in the panel provider: 
 ->authMiddleware([
        Authenticate::class,
        EnsureUserIsActive::class,
    ])
 ->authMiddleware([
        Authenticate::class,
        EnsureUserIsActive::class,
    ])
DrByte
DrByte7mo ago
Agreed: the middleware approach is probably best. The reason the user is "stuck" on a 403, is because all the routes they're "hitting" are part of the panel that you've sent canAccessPanel() .... false. Another way around, which is more friendly than the default 403, is a custom 403 page, on which you provide some friendlier text and optionally some links to other parts of the app. And maybe even a logout button (which has to be a form submit button, not just a link), depending on what you want that inactive user to do.
Want results from more Discord servers?
Add your server
More Posts
why wouldn't this form submit button work?Adding a form to a livewire component and have followed the docs exactly, but my form button doesn'tManipulating CSV inside the form, or function in formI need help or an idea for a functionality im trying to make. i am trying to make a form that uploadSelectFilter show full nameI currently have this filter added in: `SelectFilter::make('agent_id')->label('Agent')->relationshiPage that extends RegisterTenant gives error.I am following the docs from the following page to enable tenants within filament. ( https://filamenbelongsToMany How to pass defalut value in this relationshipRelationManager translation for BelongsToMany relationshipLet's say I have belongsToMany relationship with pivot fields having translatable option, Is there aHow can the FileUpload field in Laravel Filament directory be changed dynamically?I have a form with a file upload. When i upload the file, it saves into my desired `public/uploads/dImporter Error message ambiguousI'm getting thise error when importing csv file: "The file field must be a file of type: text/csv, tUncaught Snapshot missing on Livewire component with id: 5k8cfyjIWCqpkMXB2LHvHow do you fix this? I have two tables in my infolist ```php Infolists\Components\Tabs\Tab::make('ABug in extraModalFooterActions argumentsI am using extraModalFooterActions for a couple of actions to "clear" some data. Here's an example