F
Filament6mo ago
Sector

Magic link login

Hey guys! There is a way, to allow the login only via magic link? I mean, when the user hit login button on the admin panel, he will get a magic link in email, which only allows to login to the admin panel.
2 Replies
toeknee
toeknee6mo ago
Of course, just build the controller to handle the login, get the user from the token in the url and validate it hasn't expired. Login the user and expire the link you can use similar to: 
Route::get('magic-moments/{token}', function ($token) {
    $token = \App\Models\UniqueAccessToken::where('access_token', $token)
        ->where('model_type', \App\Models\User::class)
        ->where('url', '!=', null)
        ->where('expires_at', '>', now())
        ->first();

    if ($token) {

        Auth::loginUsingId((int) $token->model_id);

        $token->last_used_at = now();
        $token->save();

        return redirect($token->url);
    }

    abort(403); // Unauthorized

})->name('ol');
Route::get('magic-moments/{token}', function ($token) {
    $token = \App\Models\UniqueAccessToken::where('access_token', $token)
        ->where('model_type', \App\Models\User::class)
        ->where('url', '!=', null)
        ->where('expires_at', '>', now())
        ->first();

    if ($token) {

        Auth::loginUsingId((int) $token->model_id);

        $token->last_used_at = now();
        $token->save();

        return redirect($token->url);
    }

    abort(403); // Unauthorized

})->name('ol');
And build an access token model: 
<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;

class UniqueAccessToken extends Model
{
    use HasFactory;

    protected $table = 'unique_access_tokens';

    protected $fillable = [
        'model_type',
        'model_id',
        'access_token',
        'url',
        'data',
        'last_used_at',
        'expires_at',
        'data',
    ];

    protected $casts = [
        'data' => 'array',
        'last_used_at' => 'datetime',
        'expires_at' => 'datetime',
    ];
}
<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;

class UniqueAccessToken extends Model
{
    use HasFactory;

    protected $table = 'unique_access_tokens';

    protected $fillable = [
        'model_type',
        'model_id',
        'access_token',
        'url',
        'data',
        'last_used_at',
        'expires_at',
        'data',
    ];

    protected $casts = [
        'data' => 'array',
        'last_used_at' => 'datetime',
        'expires_at' => 'datetime',
    ];
}
Sector
SectorOP6mo ago
Thank a lot!
Want results from more Discord servers?
Add your server