F
Filament4mo ago
Nuekrato

canAccess() is called on every page/resource AFTER logout resulting in an exception?

I use a default panel for Filament but I have problems on using the default logout - either frm the user dropdown in the top navigation bar or using the account widget logout button. After clicking logout Filament redirects and calls the /logout route using a POST request. During that I get an error 500 and the following exception (see logs attached). This is the method that produces the error from my FeatureSettingsPage: 
    public static function canAccess(): bool
    {
        return auth()->user()?->isAdmin();
    }
    public static function canAccess(): bool
    {
        return auth()->user()?->isAdmin();
    }
So there is nothing special here. But the problem is very strange: Why should Filament call this method? After logging out I should be redirected to the login page and there is no need to call the canAccess() method on specific pages? I tried to return just true in the canAccess()-method but then Filament just calls the next canAccess-method from another page and so on. I removed the path for the panel provider because I want to host the default panel on the default path without any prefix: From my App\Providers\Filament\AppPanelProvider: 
    public function panel(Panel $panel): Panel
    {
        return $panel
            ->maxContentWidth(MaxWidth::Full)
            ->default()
            ->id('app')
            ->path('')
            ...
            ]);
    }
}
    public function panel(Panel $panel): Panel
    {
        return $panel
            ->maxContentWidth(MaxWidth::Full)
            ->default()
            ->id('app')
            ->path('')
            ...
            ]);
    }
}

filament-exception.t...

2 Replies
Cole Shirley
Cole Shirley5w ago
I'm adding a warning to the docs about this and I found the root cause if you want to look at the readme in my demo app https://github.com/filamentphp/filament/pull/14609
GitHub
Add warning to documentation about checking for authenticated users...
Description See readme for https://github.com/coleshirley/filament-logout-bug and this filament discord report: https://discord.com/channels/883083792112300104/1272884452254810163 Visual changes no...
Kane G
Kane G5w ago
The problem is strange in that the nav runs first before the redirect but that could be for a number of reasons. Realistically you should be making sure your functions return the correct type anyway. That function you posted above, has the possibility to return null but specifying only a bool can be returned. 
public static function canAccess(): bool
{
        return auth()->user()?->isAdmin() ?? false;
}
public static function canAccess(): bool
{
        return auth()->user()?->isAdmin() ?? false;
}
Would be a better way to check and ensure when auth()->user() is null it will return false.
Want results from more Discord servers?
Add your server