F
Filament5mo ago
hannes

Error when transferring the project to prod: 403FORBIDDEN

Hello everyone when transferring a project from local to production in the filament, I get error 403 FORBIDDEN. Here's mine User.php : 
 <?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Filament\Models\Contracts\FilamentUser;
use Filament\Models\Contracts\HasTenants;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Jeffgreco13\FilamentBreezy\Traits\TwoFactorAuthenticatable;
use Laravel\Sanctum\HasApiTokens;
use \Filament\Panel;
use \Illuminate\Database\Eloquent\Model;
use \Illuminate\Support\Collection;

class User extends Authenticatable implements HasTenants
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }


}
 <?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Filament\Models\Contracts\FilamentUser;
use Filament\Models\Contracts\HasTenants;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Jeffgreco13\FilamentBreezy\Traits\TwoFactorAuthenticatable;
use Laravel\Sanctum\HasApiTokens;
use \Filament\Panel;
use \Illuminate\Database\Eloquent\Model;
use \Illuminate\Support\Collection;

class User extends Authenticatable implements HasTenants
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }


}
Solution:
https://filamentphp.com/docs/3.x/panels/users#authorizing-access-to-the-panel
Users - Panel Builder - Filament
Jump to solution
11 Replies
Solution
awcodes
awcodes5mo ago
hannes
hannes5mo ago
I fixed the error when logging in, but now I'm facing error 403 FORBIDDEN during registration
awcodes
awcodes5mo ago
What did you put in canAccessPanel()? What goes in there needs to be specific to your app. And return if the user is authorized or not to access the panel.
hannes
hannes5mo ago
After registration, I get to the page with the creation of the company: http://localhost:8000/dashboard/new , but I get an error . User.php: 
 <?php

namespace App\Models;

use ...
class User extends Authenticatable implements HasTenants, FilamentUser
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    public function canAccessPanel(Panel $panel): bool
    {
        return str_ends_with($this->email, '@fintrack.space') && $this->hasVerifiedEmail();
    }
    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */

    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }
}
 <?php

namespace App\Models;

use ...
class User extends Authenticatable implements HasTenants, FilamentUser
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    public function canAccessPanel(Panel $panel): bool
    {
        return str_ends_with($this->email, '@fintrack.space') && $this->hasVerifiedEmail();
    }
    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */

    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }
}
awcodes
awcodes5mo ago
You not using the email verification trait and you are saying the user can’t access without verifying their email. Meaning they aren’t authorized until they do that.
hannes
hannes5mo ago
I inserted it into the provider ->email Verification(), but it doesn't work
awcodes
awcodes5mo ago
Your user class doesn’t have the trait in the code you shared above.
awcodes
awcodes5mo ago
https://laravel.com/docs/10.x/verification#model-preparation
Laravel - The PHP Framework For Web Artisans
Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the small things.
hannes
hannes5mo ago
Yes, you're right. I missed the moment. But now I have fixed everything, and I am faced with the error that after registration I still have a 403 error, but now I receive an email with verification. But when you click on the verification button, the user is not verified in the DB
awcodes
awcodes5mo ago
You’ll have to debug that one yourself. Sorry. That sounds like something at the Laravel level and not Filament.
hannes
hannes5mo ago
Okay, thanks for taking the time to help me and achieve a bug fix, I appreciate it.
Want results from more Discord servers?
Add your server
More Posts
Standalone FormHi all Sorry to trouble everyone but Im struggling with saving data from a standalone form ( not paHow to access "TextInput" data from Resource to Relation manager?this is the line from TextInput in the resource that I createdhow to use Rich Editor in blade file?I have a custom view file called output.blade.php In this blade file, I want to show the content usiLong $recordTitleAttribute in breadcrumbsI need to globaly search by $recordTitleAttribute, but on edit page in breadcrumbs this value is verClone specific fields in repeaterI'm working with a repeater form and need to duplicate items within the repeater, but I only want toNested/indirect relationship in EditRecordHello Everyone! Is it possible to set nested/indirect relationship on grid/section etc. in edit recFIlaments Import inside RelationManagerHi guys I'm looking for a way to import records using a RelationShip manager. So for example PostResTheme CustomizationI see that I can customize theme per panel by adding a theme,css in resources/css/filament/{panel} dHide and show navigation based on roles or custom logicHow to hide the admin and setting module from regular user using roles and permission or any other cClear Notification after Button ClickedIs it possible to clear a specific database notification by clicking an action button?