F
Filament12mo ago
ThiNha

How to custom redirect after authorization

This tutorial https://filamentphp.com/docs/3.x/panels/resources/getting-started#authorization, but not mention redirecting after authorization. Who anyone help me, please? Thank you very much!
11 Replies
DrByte
DrByte12mo ago
For authENTICATion, Filament just redirects to the expected page, determined by: - did the user try to access a page that requires auth before accessing? If yes, it redirects to that page - else, it redirects to the first "page" of the panel they logged in to ... which is usually the first Dashboard they have authorization to see It doesn't give you control to override that. You might be able to extend the default Filament Authentication middleware to control redirects, but there is some complex logic in deeper layers that are also intertwined with tenancy detection stuff. There might be more control available, but the above is what I've learned from my own projects.
ThiNha
ThiNhaOP12mo ago
Thanks, @DrByte !
DrByte
DrByte12mo ago
That said, here's an example of overriding the default middleware: https://discord.com/channels/883083792112300104/1181573811104124939/1181605317889490995
ThiNha
ThiNhaOP12mo ago
Thanks, @DrByte ! What about on the Resource Page?
DrByte
DrByte12mo ago
OH ... I'm sorry, I should have spotted more clearly that you said AUTHORIZATION, not AUTHENTICATION, but most of my answers were about Authentication. Can you describe more about why you want to redirect based on "authorization"? Some examples, please.
ThiNha
ThiNhaOP12mo ago
I used Spatie Laravel Permission when checking permission access, if true, it can access to page list, if false, I want to redirect to another page.
DrByte
DrByte12mo ago
By default Filament just throws a 403-Forbidden if not authorized to the page. It normally prevents that from being necessary if you use Model Policies to control who can access certain things, and then avoids even giving them the navigation options to access those forbidden things ... which means they should never even have a button/link to click to take them to those unauthorized places anyway. So, wherever possible, just create a Laravel model policy for the Model that your Resource controls records for. And inside the Policy methods you can define the rules for which permissions will allow them to be accessed.
ThiNha
ThiNhaOP12mo ago
By default Filament just throws a 403-Forbidden, Do you have a way to redirect it ?
DrByte
DrByte12mo ago
From what I can tell from digging in the code, no. I suppose you could hook the 403 exception in an exception handler, and do something from there. The safest choice would be to send them back to the previous page they came from. But if they're visiting the page directly from a link from an email or bookmark, then you won't have the "back" option.
ThiNha
ThiNhaOP12mo ago
Thank you very much, @DrByte
DrByte
DrByte12mo ago
What I've usually done, and I'm somewhat satisfied with it, is a custom 403 error page. On that page I provide some friendly text and a link to "home" so they can try the normal navigation. https://laravel.com/docs/master/errors#custom-http-error-pages
Laravel - The PHP Framework For Web Artisans
Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the small things.
Want results from more Discord servers?
Add your server