Filament•4w ago

Redirect non-authorized users.

Hi how can I avoid the 403 restrincted? when a user does not have access to a Panel I want to redirect them to route('home)

2 Replies

Coolman•4w ago

Hello there! I think your best choice is to create a custom authenticate.php that extends the one on the authMiddleware on the panelProvider. Like this

<?php

namespace Filament\Http\Middleware;

use Filament\Facades\Filament;
use Filament\Models\Contracts\FilamentUser;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
use Illuminate\Database\Eloquent\Model;

class Authenticate extends Middleware
{
    /**
     * @param  array<string>  $guards
     */
    protected function authenticate($request, array $guards): void
    {
        $guard = Filament::auth();

        if (! $guard->check()) {
            $this->unauthenticated($request, $guards);

            return;
        }

        $this->auth->shouldUse(Filament::getAuthGuard());

        /** @var Model $user */
        $user = $guard->user();

        $panel = Filament::getCurrentPanel();

        if (!$user->canAccessPanel($panel)) {
          redirect()->route('home);
        }

        # abort_if(
        #    $user instanceof FilamentUser ?
        #        (! $user->canAccessPanel($panel)) :
        #        (config('app.env') !== 'local'),
        #    403,
        #);
    }

    protected function redirectTo($request): ?string
    {
        return Filament::getLoginUrl();
    }
}

<?php

namespace Filament\Http\Middleware;

use Filament\Facades\Filament;
use Filament\Models\Contracts\FilamentUser;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
use Illuminate\Database\Eloquent\Model;

class Authenticate extends Middleware
{
    /**
     * @param  array<string>  $guards
     */
    protected function authenticate($request, array $guards): void
    {
        $guard = Filament::auth();

        if (! $guard->check()) {
            $this->unauthenticated($request, $guards);

            return;
        }

        $this->auth->shouldUse(Filament::getAuthGuard());

        /** @var Model $user */
        $user = $guard->user();

        $panel = Filament::getCurrentPanel();

        if (!$user->canAccessPanel($panel)) {
          redirect()->route('home);
        }

        # abort_if(
        #    $user instanceof FilamentUser ?
        #        (! $user->canAccessPanel($panel)) :
        #        (config('app.env') !== 'local'),
        #    403,
        #);
    }

    protected function redirectTo($request): ?string
    {
        return Filament::getLoginUrl();
    }
}

Barbaracrlp•4w ago

okay, I'll try ,thanks a lot

Gaming

Programming

Redirect non-authorized users.