F
Filament15mo ago
Mdk

Filament + Jetstream + multiple LDAP domains, how to login?

I'm currently trying to set up Filament along a Jetstream with a multi domain LDAP login system So far, Jetstream's login page has been edited to include a domain selector, and the login works fine, I get redirected to the /dashboard page on a successful attempt I'm now trying to put Filament in the mix, but as soon as I try to access its path, I get 302'd to /login and then back to /dashboard since the user is indeed logged in, but Filament refuses to recognize the session
33 Replies
Quadrubo
Quadrubo15mo ago
Okay what do you get 302'd by to login. Which class causes that, can you follow it with a debugger? If it's the Authenticate middleware filament provides, you can just write your own and replace that
Mdk
MdkOP15mo ago
barryvdh/laravel-debugbar will do as debugger? else i'll have to set up phpdebugger which i don't think it's enable on this server as of now
Lara Zeus
Lara Zeus15mo ago
try remove
->authMiddleware([
Authenticate::class,
])
->authMiddleware([
Authenticate::class,
])
Mdk
MdkOP15mo ago
yeah, was just looking into that, as it's what returns unauthenticated so now i'm not redirected anymore, but i get an empty gray page also getting a 404 on this api/public?id=178de384, for some reason, might be part of jetstream?
Lara Zeus
Lara Zeus15mo ago
/api ya I dont think this filament related
Mdk
MdkOP15mo ago
so it shouldn't bother filament, but for some reason it's still blank wait, wait, page source code is all there yeah, x-cloak's fault wonder why it's not de-cloaking
Lara Zeus
Lara Zeus15mo ago
any other console errors
Mdk
MdkOP15mo ago
nope also removing the x-cloaks only show the side menù, which looks.. wrong, so there's definitely something amiss in the css
Lara Zeus
Lara Zeus15mo ago
will the defualt $authGuard is web if you dont have it, not sure try set it to empty string? ->authGuard('')
Mdk
MdkOP15mo ago
i'm kinda wondering why this isn't working actually
No description
Mdk
MdkOP15mo ago
there's no such endpoint for me but anyway removing this means no auth so even a non-logged user can see the panel/gray page
Lara Zeus
Lara Zeus15mo ago
what is the path for your panle? is it "/"
Mdk
MdkOP15mo ago
this bring back the dashboard redirect unfortunantely no, i'm gonna need multiple panels in fact, so this one is /repository the user should be redirected to the panel he was trying to access after a successful login, but that can be fixed i think
Lara Zeus
Lara Zeus15mo ago
shoulde it be somthing like /livewire/livewire.js?id=2f6e5d4d
Mdk
MdkOP15mo ago
definitely i think there's something messed up here my other projects, without jetstream tho, do have that livewire.js part
ConnorHowell
ConnorHowell15mo ago
Are you using database backed authentication or just straight LDAP? (I've not used multi domain with it though but assume it works)
Mdk
MdkOP15mo ago
the one with the DB fallback, if I got that correctly
ConnorHowell
ConnorHowell15mo ago
Yeah so this is how I have my provider setup:
'ldap' => [
'driver' => 'ldap',
'model' => LdapRecord\Models\ActiveDirectory\User::class,
'database' => [
'model' => App\Models\User::class,
'sync_passwords' => true,
'sync_attributes' => [
'full_name' => 'cn',
'username' => 'samaccountname',
'email' => 'mail',
'job_title' => 'title',
'ddi' => 'telephonenumber',
'mobile' => 'mobile',
'department' => 'department',
\App\Ldap\AttributeHandler::class,
],
'sync_existing' => [
'username' => 'samaccountname',
],
],
],
'ldap' => [
'driver' => 'ldap',
'model' => LdapRecord\Models\ActiveDirectory\User::class,
'database' => [
'model' => App\Models\User::class,
'sync_passwords' => true,
'sync_attributes' => [
'full_name' => 'cn',
'username' => 'samaccountname',
'email' => 'mail',
'job_title' => 'title',
'ddi' => 'telephonenumber',
'mobile' => 'mobile',
'department' => 'department',
\App\Ldap\AttributeHandler::class,
],
'sync_existing' => [
'username' => 'samaccountname',
],
],
],
I used to have a lot of issues with third party packages before I swapped to using that
Mdk
MdkOP15mo ago
yes, same config, aside from the list of syncs but i have multiple domains, so that's repeated 5x
ConnorHowell
ConnorHowell15mo ago
Are you just using the regular Authenticate middleware?
Mdk
MdkOP15mo ago
for filament, i was
ConnorHowell
ConnorHowell15mo ago
If so I think you're going to need to set authGuard() to a comma delimited list of your guards. Otherwise it's just going to use your default one
Mdk
MdkOP15mo ago
for jetstream, i edited as per that plugin's doc files, with a select to choose the domain
ConnorHowell
ConnorHowell15mo ago
https://ldaprecord.com/docs/laravel/v3/auth/multi-domain#updating-your-web-routes You're going to essentially want to do this but for filament:
Multi-Domain Authentication Guide
Setting up multi-domain authentication using LdapRecord-Laravel
Mdk
MdkOP15mo ago
yeah, that comma list of ldap providers didn't work i was hoping it'd have been that easy both with or without auth: before
ConnorHowell
ConnorHowell15mo ago
The issue has to be coming from Filaments modified Authenticate middleware
Mdk
MdkOP15mo ago
$this->auth->shouldUse(Filament::getAuthGuard()) that is probably the culprit either i loop the LDAPs, which seems kinda.. awful or i try to login through the DB which should work fine as long as passwords are synced?
ConnorHowell
ConnorHowell15mo ago
It should do as long as they're synced. That or write your own middleware and just use the filament one as a basis? And properly pass through your guards Oh yeah the filament one just assumes 1 guard
Mdk
MdkOP15mo ago
yup
ConnorHowell
ConnorHowell15mo ago
Yeah for now I'd make your own middleware class based on the filament one including the canAccessPanel I almost feel like filament should use 2 by default, the standard Authenticate class then another to check the canAccessFilament method after to avoid issues like this But yeah regardless try your own middleware and see if that works 🤞
Mdk
MdkOP15mo ago
why my own rather than just using the web default? since LDAP syncs users to the DB, they should exist in the users table and so work out of the box, of sorts?
ConnorHowell
ConnorHowell15mo ago
I mean, give it a go? I’m not sure how it handles multi domain in that regard?
Mdk
MdkOP15mo ago
thanks everyone, i'm gonna try fixing my livewire problem first, then work from there i'm afraid this means reinstalling everything I think it's all working right now reinstalled clean removed filament's ->login() and now.. it just works no other changes

Did you find this page helpful?