F
Filament10mo ago
michaell

Disabling sessions in frontend prevents logging in to FilamentPHP backend?

I'm using FilamentPHP for my admin backend. I don't need sessions in my (non-admin) frontend. Since I don't need them, I don't want them — GDPR and all that. I commented out these three lines from the web middleware group: 
  
    // \Illuminate\Session\Middleware\StartSession::class,
    // \Illuminate\View\Middleware\ShareErrorsFromSession::class,
    // \App\Http\Middleware\VerifyCsrfToken::class,
  
    // \Illuminate\Session\Middleware\StartSession::class,
    // \Illuminate\View\Middleware\ShareErrorsFromSession::class,
    // \App\Http\Middleware\VerifyCsrfToken::class,
and now the FilamentPHP login window loops. In other words, I enter my credentials and end up back on the login page. There's no error message. That was unexpected because the admin panel seems to have its own middleware group, and that group already uses the same middleware: 
    ->middleware([
        EncryptCookies::class,
        AddQueuedCookiesToResponse::class,
        StartSession::class,
        AuthenticateSession::class,
        ShareErrorsFromSession::class,
        VerifyCsrfToken::class,
        SubstituteBindings::class,
        DisableBladeIconComponents::class,
        DispatchServingFilamentEvent::class,
    ])
    ->middleware([
        EncryptCookies::class,
        AddQueuedCookiesToResponse::class,
        StartSession::class,
        AuthenticateSession::class,
        ShareErrorsFromSession::class,
        VerifyCsrfToken::class,
        SubstituteBindings::class,
        DisableBladeIconComponents::class,
        DispatchServingFilamentEvent::class,
    ])
What am I missing?
Solution:
OK, I think I have it? I added this to boot(), and it seems to be working: ```php Livewire::setUpdateRoute(function ($handle) { return Route::post('/livewire/update', $handle)...
Jump to solution
4 Replies
michaell
michaellOP10mo ago
OK, a little more info. If I un-comment the StartSession line in the web middleware, I can log in. If I comment it while I'm on the dashboard page, in development mode, the page almost immediately starts to reload continuously. I'm not surprised that Filament needs session middleware! I am surprised that it seems to need it in the web group, even though it's supposedly using the same middleware itself?
Dennis Koch
Dennis Koch10mo ago
I guess you also need to set them for Livewire middlewares Because Livewire probably relies on web by default
michaell
michaellOP10mo ago
I tried adding this to AppServiceProvider::boot, but it didn't work: 
        Livewire::addPersistentMiddleware([
            StartSession::class,
            ShareErrorsFromSession::class,
            VerifyCsrfToken::class,
        ]);
        Livewire::addPersistentMiddleware([
            StartSession::class,
            ShareErrorsFromSession::class,
            VerifyCsrfToken::class,
        ]);
Is that the wrong way to do it?
Solution
michaell
michaell10mo ago
OK, I think I have it? I added this to boot(), and it seems to be working: 
        Livewire::setUpdateRoute(function ($handle) {
            return Route::post('/livewire/update', $handle)
                ->middleware([
                    'web',
                    StartSession::class,
                    ShareErrorsFromSession::class,
                    VerifyCsrfToken::class,
                ]);
        });
        Livewire::setUpdateRoute(function ($handle) {
            return Route::post('/livewire/update', $handle)
                ->middleware([
                    'web',
                    StartSession::class,
                    ShareErrorsFromSession::class,
                    VerifyCsrfToken::class,
                ]);
        });
Want results from more Discord servers?
Add your server