F
Filament7mo ago
Jon Mason

Production issue affecting multiple users. Need some help with where to start.

I just rolled out my an application last week, there are 3 panels, 2 for internal users (working fine), 1 for clients. Multiple clients are getting an error message that their credentials don't match what's in the system. I encountered this quite a bit when I was developing the software and thought I had it fixed. I can't reproduce the problem locally, and from what I can tell, all the data is correct in production, so I'm baffled. I just created a client user and I'm getting the same response. When I look at the network tab I don't see anything weird. The main difference between the 2 logins is that clients login at https://myapp.com/client/login, and internal users login at https://myapp.com/login. I've removed any middleware that's not stock except for one, which just handles if they respond to a link in an email and haven't verified their account yet, it will force them to do that first. But in this instance, my user is verified, so that shouldn't be a factor. How can I begin to trace this down when I can't duplicate it locally? Does anything I've described above give any clues about what could be going on?
腾讯应用宝
应用宝官网-全网最新最热手机应用游戏下载
应用宝是腾讯旗下官方手机app应用商店,致力于为您提供海量、优质、安全、最新的安卓应用游戏下载!
腾讯应用宝
应用宝官网-全网最新最热手机应用游戏下载
应用宝是腾讯旗下官方手机app应用商店,致力于为您提供海量、优质、安全、最新的安卓应用游戏下载!
No description
9 Replies
Jon Mason
Jon MasonOP7mo ago
Here's my ClientPanelProvider: 
class ClientPanelProvider extends PanelProvider
{
    public function boot()
    {
        PanelSwitch::configureUsing(function (PanelSwitch $panelSwitch) {
            $panelSwitch->simple()
                ->excludes(fn () => auth()->user()?->excludedPanels())
                ->visible(fn (): bool => auth()->user()?->isInternal());
        });
    }

    public function panel(Panel $panel): Panel
    {
        return $panel
            ->id('client')
            ->path('client')
            ->login()
            ->passwordReset()
            ->viteTheme('resources/css/filament/app/theme.css')
            ->discoverResources(in: app_path('Filament/Client/Resources'), for: 'App\\Filament\\Client\\Resources')
            ->discoverPages(in: app_path('Filament/Client/Pages'), for: 'App\\Filament\\Client\\Pages')
            ->pages([
                \App\Livewire\Client\ClientDashboard::class,
                Recat::class,
                PartsRolloverList::class,
                PartsRolloverDetail::class,
            ])
            ->discoverWidgets(in: app_path('Filament/Client/Widgets'), for: 'App\\Filament\\Client\\Widgets')
            ->plugins([
                FilamentApexChartsPlugin::make(),
            ])
            ->middleware([
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                AuthenticateSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                SubstituteBindings::class,
                DisableBladeIconComponents::class,
                DispatchServingFilamentEvent::class
            ])
            ->authMiddleware([
                Authenticate::class,
                RedirectToIntendedMiddleware::class,
            ])
    }
}
class ClientPanelProvider extends PanelProvider
{
    public function boot()
    {
        PanelSwitch::configureUsing(function (PanelSwitch $panelSwitch) {
            $panelSwitch->simple()
                ->excludes(fn () => auth()->user()?->excludedPanels())
                ->visible(fn (): bool => auth()->user()?->isInternal());
        });
    }

    public function panel(Panel $panel): Panel
    {
        return $panel
            ->id('client')
            ->path('client')
            ->login()
            ->passwordReset()
            ->viteTheme('resources/css/filament/app/theme.css')
            ->discoverResources(in: app_path('Filament/Client/Resources'), for: 'App\\Filament\\Client\\Resources')
            ->discoverPages(in: app_path('Filament/Client/Pages'), for: 'App\\Filament\\Client\\Pages')
            ->pages([
                \App\Livewire\Client\ClientDashboard::class,
                Recat::class,
                PartsRolloverList::class,
                PartsRolloverDetail::class,
            ])
            ->discoverWidgets(in: app_path('Filament/Client/Widgets'), for: 'App\\Filament\\Client\\Widgets')
            ->plugins([
                FilamentApexChartsPlugin::make(),
            ])
            ->middleware([
                EncryptCookies::class,
                AddQueuedCookiesToResponse::class,
                StartSession::class,
                AuthenticateSession::class,
                ShareErrorsFromSession::class,
                VerifyCsrfToken::class,
                SubstituteBindings::class,
                DisableBladeIconComponents::class,
                DispatchServingFilamentEvent::class
            ])
            ->authMiddleware([
                Authenticate::class,
                RedirectToIntendedMiddleware::class,
            ])
    }
}
Jon Mason
Jon MasonOP7mo ago
Currently reviewing this issue. If anyone has run into this and can clue me in on what the problem might be, I'd greatly appreciate it. https://github.com/filamentphp/filament/discussions/11506
GitHub
These credentials do not match our records. · filamentphp filament ...
Package Other Package Version ^3.2 How can we help you? I tried logging in with correct credentials and this is what I encounter. My friend is using windows and we pulled from master and did all th...
Jon Mason
Jon MasonOP7mo ago
I do have the MustVerifyEmail trait on my User model. And this is my canAccessPanel method, which I'm not sure is relevant: 
    public function canAccessPanel(Panel $panel): bool
    {
        if ($panel->getId() == 'client') {
            return $this->hasVerifiedEmail();
        } else if ($panel->getId() == 'admin') {
            return $this->role->is_internal && $this->hasVerifiedEmail() && $this->hasAdminRole();
        } else if ($panel->getId() == 'app') {
            return $this->role->is_internal && $this->hasVerifiedEmail();
        } else {
            return true;
        }
    }
    public function canAccessPanel(Panel $panel): bool
    {
        if ($panel->getId() == 'client') {
            return $this->hasVerifiedEmail();
        } else if ($panel->getId() == 'admin') {
            return $this->role->is_internal && $this->hasVerifiedEmail() && $this->hasAdminRole();
        } else if ($panel->getId() == 'app') {
            return $this->role->is_internal && $this->hasVerifiedEmail();
        } else {
            return true;
        }
    }
I added some logging and it's not even getting to the canAccessPanel method before kicking back the error. I copied the Filament\Http\Middleware\Authenticate class into my own middleware directory and imported that class instead so I could add some logging. It appears that the Authenticate class is never getting called. It's not getting there before the error is kicked back. How can it not even be getting to the authentication?
awcodes
awcodes7mo ago
Wonder if the request is getting rate limited somehow. And it’s catching the wrong error message.
Jon Mason
Jon MasonOP7mo ago
this would be so much easier if I could reproduce it locally, but it's all working right there. So frustrating. Maybe it is rate limiting? I guess I need to add more logging into the internals of Filament to see what's happening? I'm at a loss.
awcodes
awcodes7mo ago
yea. wish i had a more solid answer for you. it's weird for sure though, especially if it's not all users and only some.
Jon Mason
Jon MasonOP7mo ago
Yeah, it's only users who have access to a single panel (client). All the other users are not having any issue.
Jon Mason
Jon MasonOP7mo ago
Just comparing the request in the network tab in dev tools between the panel that's broken and logging into the panel that works, and I get differen values in the updates object..not sure if that's significant.
No description
No description
awcodes
awcodes7mo ago
is it possible your server is serving livewire.js directly as a cached asset instead of serving it from php? i know on some of my servers i had to explicitly tell nginx to let it fall through to php.
Want results from more Discord servers?
Add your server