Issue with Filament Session on Production after Deploying with Laravel Forge on DigitalOcean
Hi everyone,
I’ve recently deployed a Laravel project using Laravel Forge, hosted on DigitalOcean. The project is a Filament-based application, and everything was working perfectly on my local machine. However, after deploying to the server, I started encountering session issues—users were unable to log in, and the session data wasn’t being stored properly.
After some troubleshooting, I discovered that the problem was resolved when I changed the APP_ENV setting in the .env file from production to local. With APP_ENV=local, the session works fine, and users are able to log in as expected. But, of course, running the app in a "local" environment on a live production server raises security concerns.
Here’s my main question:
What are the risks of keeping APP_ENV=local in a production environment? Is there a more appropriate solution to fix the session issue while maintaining a production environment? I would appreciate any guidance on how to properly resolve this session issue while keeping my app in a secure and production-ready state.
Thanks in advance!
4 Replies
It sounds like you haven't setup the canAccessPanel correctly?
Thanks for the suggestion!
I did set up access controls using Filament's built-in permissions, and I’ve also checked the
canAccessPanel setup. Everything seems to be configured correctly, as it works perfectly on the local environment. However, the issue appears only when the app is deployed on the server via Laravel Forge.
Could the canAccessPanel configuration still be a factor even though it works locally? Any specific suggestions on what I should check or adjust regarding canAccessPanel after deployment?
Also, as mentioned earlier, changing APP_ENV to local fixes the session issue, which makes me wonder if there’s something else server-specific that could be causing the problem.
Any additional thoughts or troubleshooting steps would be appreciated!working locally is not a good indicator of a proper setup as by default any authenticated user can access a panel in local
https://filamentphp.com/docs/3.x/panels/users#overview
Try setting your env on your local machine to somthing like
test and see if it still worksAnd to be clear, never set your production env to anything other than ‘production’. You risk exposing sensitive information.