Steps to implement Basic Auth (on top of the FilamentUser contract)?

I'd like to double-lock-down my application with "implements FilamentUser" as well as Basic Auth. I already have the former in place. How can I add Basic Auth on top of that for all Filament-related URLs/resources? Thank you!
Solution:
2FA would definitely be better that basic auth.
Jump to solution
10 Replies
awcodes
awcodes12mo ago
Can you explain more. I don’t see where basic auth plays into server side routing.
agileadam
agileadamOP12mo ago
I have some minimal PII in this environment. I would feel better having a Basic Auth speedbump in front of the normal filament login. In simple PHP applications I'd use .htaccess/.htpasswd. I see there is middleware in Laravel (https://laravel.com/docs/10.x/authentication#http-basic-authentication) but I wasn't sure if I could apply this somehow to filament paths without causing issues. I only have 2 users in my Users table, and I do have canAccessPanel() implemented to only allow a very specific email address pattern. I imagine it's quite secure as-is... just looking for that extra peace of mind.
awcodes
awcodes12mo ago
That’s weird to me, but hey. Through it in and see what happens. I think it’s unnecessary personally.
agileadam
agileadamOP12mo ago
Yeah, you are probably right. Probably would be better to spend my time looking into 2FA, huh
awcodes
awcodes12mo ago
Do you really need auth on top of auth and and actual login is going to be more secure.
agileadam
agileadamOP12mo ago
Well, I'll certainly give it more thought. I appreciate your time.
Solution
awcodes
awcodes12mo ago
2FA would definitely be better that basic auth.
agileadam
agileadamOP12mo ago
I agree. That would give me peace of mind. I will likely persue that.
agileadam
agileadamOP12mo ago
I see there is already at least one plugin. https://github.com/webbingbrasil/filament-2fa I'll give this a look on Monday. Thank you again!
GitHub
GitHub - webbingbrasil/filament-2fa: A Two Factor Authentication pa...
A Two Factor Authentication package for Filament Admin - GitHub - webbingbrasil/filament-2fa: A Two Factor Authentication package for Filament Admin
DrByte
DrByte12mo ago
The Filament-Breezy plugin also has 2FA, along with a bunch of other things.
Want results from more Discord servers?
Add your server