F
Filament16mo ago
Jamie Cee

Middlewares

Not sure if I've overlooked the docs or not. So I know there is the authMiddlewares in the provider. However, I have a middleware that checks for a global 2fa we have. I want all routes to be hidden if the middleware fails, but I want to still allow access to the dashboard only. Is there a way to do this that Im just not seeing?
8 Replies
ChesterS
ChesterS16mo ago
Do you use the default dashboard? One way would be to create/extend your own and ignore the 2fa middleware in the ignored ones? 
protected static string | array $withoutRouteMiddleware = YourMiddleware...
protected static string | array $withoutRouteMiddleware = YourMiddleware...
Jamie Cee
Jamie CeeOP16mo ago
Is that a property in the dashboard class
ChesterS
ChesterS16mo ago
It's in the resources. Hmm didn't check the dashboard tbh
Jamie Cee
Jamie CeeOP16mo ago
Is there an opposite, so that in the resources that I want in the middleware, I can add them there Might be a solution for me
ChesterS
ChesterS16mo ago
Ok I checked. It's in the HasRoutes trait, so it can be used in the Dashboard class too. You can also do 
protected static string | array $routeMiddleware
protected static string | array $routeMiddleware
if you want the opposite
Jamie Cee
Jamie CeeOP16mo ago
So that property goes in the resource directly? As in the UserResource, I've put 
    protected static string|array $routesMiddleware = [
        GlobalTwoFactorAuth::class,
    ];
    protected static string|array $routesMiddleware = [
        GlobalTwoFactorAuth::class,
    ];
But I still have access when I shouldnt
ChesterS
ChesterS16mo ago
Yeap. So something like 
class Dashboard extends DefaultDashboard {
       protected static string|array $routesMiddleware = [
        GlobalTwoFactorAuth::class,
    ];
}
class Dashboard extends DefaultDashboard {
       protected static string|array $routesMiddleware = [
        GlobalTwoFactorAuth::class,
    ];
}
yeah I guess. I've never tried it myself, but that's the idea
Jamie Cee
Jamie CeeOP16mo ago
Yeah, Ill have a play around, as it currently should block me from viewing the list of users, but is still letting me instead. Cheers bud 🙂

Did you find this page helpful?