F
Filament10mo ago
hxnnxs

Error when transferring the project to prod: 403FORBIDDEN

Hello everyone when transferring a project from local to production in the filament, I get error 403 FORBIDDEN. Here's mine User.php : 
 <?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Filament\Models\Contracts\FilamentUser;
use Filament\Models\Contracts\HasTenants;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Jeffgreco13\FilamentBreezy\Traits\TwoFactorAuthenticatable;
use Laravel\Sanctum\HasApiTokens;
use \Filament\Panel;
use \Illuminate\Database\Eloquent\Model;
use \Illuminate\Support\Collection;

class User extends Authenticatable implements HasTenants
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }


}
 <?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Filament\Models\Contracts\FilamentUser;
use Filament\Models\Contracts\HasTenants;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\BelongsToMany;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Jeffgreco13\FilamentBreezy\Traits\TwoFactorAuthenticatable;
use Laravel\Sanctum\HasApiTokens;
use \Filament\Panel;
use \Illuminate\Database\Eloquent\Model;
use \Illuminate\Support\Collection;

class User extends Authenticatable implements HasTenants
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }


}
Solution:
https://filamentphp.com/docs/3.x/panels/users#authorizing-access-to-the-panel
Users - Panel Builder - Filament
Jump to solution
11 Replies
Solution
awcodes
awcodes10mo ago
hxnnxs
hxnnxsOP10mo ago
I fixed the error when logging in, but now I'm facing error 403 FORBIDDEN during registration
awcodes
awcodes10mo ago
What did you put in canAccessPanel()? What goes in there needs to be specific to your app. And return if the user is authorized or not to access the panel.
hxnnxs
hxnnxsOP10mo ago
After registration, I get to the page with the creation of the company: http://localhost:8000/dashboard/new , but I get an error . User.php: 
 <?php

namespace App\Models;

use ...
class User extends Authenticatable implements HasTenants, FilamentUser
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    public function canAccessPanel(Panel $panel): bool
    {
        return str_ends_with($this->email, '@fintrack.space') && $this->hasVerifiedEmail();
    }
    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */

    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }
}
 <?php

namespace App\Models;

use ...
class User extends Authenticatable implements HasTenants, FilamentUser
{
    use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
    public function canAccessPanel(Panel $panel): bool
    {
        return str_ends_with($this->email, '@fintrack.space') && $this->hasVerifiedEmail();
    }
    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */

    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function companyContacts(): HasMany
    {
        return $this->hasMany(CompanyContact::class);
    }
    public function getTenants(Panel $panel): Collection
    {
        return $this->companies;
    }

    public function companies(): BelongsToMany
    {
        return $this->belongsToMany(Company::class);
    }

    public function canAccessTenant(Model $tenant): bool
    {
        return $this->companies->contains($tenant);
    }
}
awcodes
awcodes10mo ago
You not using the email verification trait and you are saying the user can’t access without verifying their email. Meaning they aren’t authorized until they do that.
hxnnxs
hxnnxsOP10mo ago
I inserted it into the provider ->email Verification(), but it doesn't work
awcodes
awcodes10mo ago
Your user class doesn’t have the trait in the code you shared above.
awcodes
awcodes10mo ago
https://laravel.com/docs/10.x/verification#model-preparation
Laravel - The PHP Framework For Web Artisans
Laravel is a PHP web application framework with expressive, elegant syntax. We’ve already laid the foundation — freeing you to create without sweating the small things.
hxnnxs
hxnnxsOP10mo ago
Yes, you're right. I missed the moment. But now I have fixed everything, and I am faced with the error that after registration I still have a 403 error, but now I receive an email with verification. But when you click on the verification button, the user is not verified in the DB
awcodes
awcodes10mo ago
You’ll have to debug that one yourself. Sorry. That sounds like something at the Laravel level and not Filament.
hxnnxs
hxnnxsOP10mo ago
Okay, thanks for taking the time to help me and achieve a bug fix, I appreciate it.
Want results from more Discord servers?
Add your server