Login not working for role that only has access to single panel
I have 3 panels, admin, app, and client. When I try to log in to the app using an account that has a client role (i.e. should not have access to app or admin panels, only client), the login just doesn't work, but if I change their role it will log them in. I figured out that it's trying to redirect to the app or admin panel when logging in as someone who should only have client panel access. Do I have to have separate login pages? How do I ensure that different roles are routed to different panels when they log in?
3 Replies
I think it's because it seems to be remembering the last url I was at, even if I log out. How can I change this behavior? I think it makes sense if your session expires that you'd log in and be where you left off, but when I log out and log in as an entirely different user, it's attempting to go back to whatever panel I was on before I logged out with the other user.
Here's what I'm seeing:
1) Logged in as myself, went to app panel.
2) Logged out.
3) Attempted to log in as a user that doesn't have access to the app panel. Gives me "These credentials do not match our records" error on login screen. VERY confusing error.
1) Logged in as myself, go to client panel
2) Logged out.
3) Logged in successfully with user who has access to client panel.
bump. Any ideas on this? I would expect filament to redirect to a panel that the user has access to, but it's not doing that.
If I open the link in an incognito window and handle it from there, it works correctly. Chalking this up to just my local environment and having multiple accounts. I do wish whatever setting tries to push you back to where you last were could be modified.
@Jon Mason To resolve this issue, I have created middleware for each panel which redirects to the appropriate panel. My middleware looks like this
class AdminCheckPanelRedirect
{
public function handle(Request $request, Closure $next): Response
{
if (auth()->user()?->hasRole('employee')) {
return redirect()->to('/contractor');
}
return $next($request);
}
}
I have registered this middleware for the admin panel. If you log in as an employee, this middleware will redirect you to the employee login. I have done the same for other panels as well.ok, thanks for this, I'll try it out.