F
Filament3w ago
Sector

Magic link login

Hey guys! There is a way, to allow the login only via magic link? I mean, when the user hit login button on the admin panel, he will get a magic link in email, which only allows to login to the admin panel.
2 Replies
toeknee
toeknee3w ago
Of course, just build the controller to handle the login, get the user from the token in the url and validate it hasn't expired. Login the user and expire the link you can use similar to: 
Route::get('magic-moments/{token}', function ($token) {
    $token = \App\Models\UniqueAccessToken::where('access_token', $token)
        ->where('model_type', \App\Models\User::class)
        ->where('url', '!=', null)
        ->where('expires_at', '>', now())
        ->first();

    if ($token) {

        Auth::loginUsingId((int) $token->model_id);

        $token->last_used_at = now();
        $token->save();

        return redirect($token->url);
    }

    abort(403); // Unauthorized

})->name('ol');
Route::get('magic-moments/{token}', function ($token) {
    $token = \App\Models\UniqueAccessToken::where('access_token', $token)
        ->where('model_type', \App\Models\User::class)
        ->where('url', '!=', null)
        ->where('expires_at', '>', now())
        ->first();

    if ($token) {

        Auth::loginUsingId((int) $token->model_id);

        $token->last_used_at = now();
        $token->save();

        return redirect($token->url);
    }

    abort(403); // Unauthorized

})->name('ol');
And build an access token model: 
<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;

class UniqueAccessToken extends Model
{
    use HasFactory;

    protected $table = 'unique_access_tokens';

    protected $fillable = [
        'model_type',
        'model_id',
        'access_token',
        'url',
        'data',
        'last_used_at',
        'expires_at',
        'data',
    ];

    protected $casts = [
        'data' => 'array',
        'last_used_at' => 'datetime',
        'expires_at' => 'datetime',
    ];
}
<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;

class UniqueAccessToken extends Model
{
    use HasFactory;

    protected $table = 'unique_access_tokens';

    protected $fillable = [
        'model_type',
        'model_id',
        'access_token',
        'url',
        'data',
        'last_used_at',
        'expires_at',
        'data',
    ];

    protected $casts = [
        'data' => 'array',
        'last_used_at' => 'datetime',
        'expires_at' => 'datetime',
    ];
}
Sector
Sector3w ago
Thank a lot!
Want results from more Discord servers?
Add your server
More Posts
Embedded youtube video in rich editorHey all, I want the user to be able to add an embedded youtube video to the rich editor. Is there ansend an email after creating a recordas title says , i want to send an email after creating a record , for example after creating a user ActionsWhat would be the best way to define a function that can be used as a bulk action, table action and Form with Textarea on custom widget causing JS errorsI have a custom widget added to a resource view page. The widget is implementing a form according toGithub Action Test Failing with brand logo onViewException View [software.settings.logo] not found. (View: /home/runner/work/myapp/myapp/venRepeater rolls back after saveHi all, I'm having a strange issue with the repeater field, after saving it rolls back the changes. Problems closing a parent modalHi there! I a have a Filament Table for invoices that opens a modal with invoice details using the VCheck upon loginUpon logging in, I would like to check whether a user has filled in his profile information. Is ther