Filament•3d ago

Restrict non filament panel user, accessing filament admin panel.

I am using laravel v11, with filament and livewire, i have admin panel using filament while normal user can sign-in without filament. Problem is when Admin user logs out and normal user logs-in, it redirect user to domain/admin page which is filament admin panel and shows 403 error. What i want is to redirect normal user to domain/dashboard page which is not a filament page or resource.

5 Replies

SnaggyDainc•2d ago

You can use a Middleware or Filament Response to that https://filamentexamples.com/tutorial/multiple-panels-sign-in-via-one-sign-in-page

Filament Examples

Filament Multiple Panels: Single Login Page for Admin/User Roles

Having multiple panels is excellent for separating users from other roles. However, managing each different login page can be tricky. So, let's make one login page for all panels and switch redirects based on roles.

toeknee•2d ago

i used this method to redirect if cannot access the panel;

<?php

namespace App\Http\Middleware;

use Closure;
use Filament\Facades\Filament;

class RedirectIfCannotAccessPanel
{
    public function handle($request, Closure $next)
    {
        $user = auth()->user();

        // Proceed if user is not authenticated or is not a FilamentUser
        if (! $user instanceof \Filament\Models\Contracts\FilamentUser) {
            return $next($request);
        }

        // Retrieve accessible panels for the user
        $accessiblePanels = $user->panels();

        // Redirect if the user cannot access the current panel
        if (! empty($accessiblePanels) && ! in_array(Filament::getCurrentPanel(), $accessiblePanels, true)) {
            // Redirect to the first accessible panel
            return redirect()->to(config('app.url').'/'.reset($accessiblePanels)->getPath());
        } elseif (empty($accessiblePanels)) {
            return redirect()->to(route('no-team'));
        }

        return $next($request);
    }
}

<?php

namespace App\Http\Middleware;

use Closure;
use Filament\Facades\Filament;

class RedirectIfCannotAccessPanel
{
    public function handle($request, Closure $next)
    {
        $user = auth()->user();

        // Proceed if user is not authenticated or is not a FilamentUser
        if (! $user instanceof \Filament\Models\Contracts\FilamentUser) {
            return $next($request);
        }

        // Retrieve accessible panels for the user
        $accessiblePanels = $user->panels();

        // Redirect if the user cannot access the current panel
        if (! empty($accessiblePanels) && ! in_array(Filament::getCurrentPanel(), $accessiblePanels, true)) {
            // Redirect to the first accessible panel
            return redirect()->to(config('app.url').'/'.reset($accessiblePanels)->getPath());
        } elseif (empty($accessiblePanels)) {
            return redirect()->to(route('no-team'));
        }

        return $next($request);
    }
}

Means it returns to the first returned panel the user can access. else goes to a no-team route.

Dhru•2d ago

this how i solved a similar problem (changed a few things from my code to remove some extra logi but the basis are first you need to add this to your panel provider (will usually be called adminpanelprovider.php and will be in app/http/providers/filament/ directory in your laravel project)

->authMiddleware([ Authenticate::class, \App\Http\Middleware\VerifyAccessStatus::class, ]);

Then create the logic for this class

namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; use Symfony\Component\HttpFoundation\Response; class VerifyAccessStatus { public function handle(Request $request, Closure $next): Response { // logic goes here // if admin etc. //return redirect()->route // return $next($request); } }

toeknee•2d ago

If they need to verify, just redirect them to a custom non-filament page saying verification needed etc

AkkiOP•2d ago

The first is that i am using laravel 11, so i dont have any kernal.php, i need to depend on AppServiceProvider. my function is as below:

public function boot(): void
    {
        Model::unguard();
        Feature::resolveScopeUsing(fn($driver) => Auth::user()?->currentTeam);
        Feature::discover();

        Gate::policy(AConnectLoan::class, AConnectLoanPolicy::class);

        Gate::define('superadmin', function (User $user) {
            return in_array($user->email, [
                '[email protected]',
            ]);
        });

        FilamentColor::register([
            'danger' => Color::Red,
            'primary' => Color::Sky,
            'success' => Color::Green,
            'warning' => Color::Amber,
        ]);

        DatabaseNotifications::trigger('filament.notifications.database-notifications-trigger');
        DatabaseNotifications::pollingInterval('30s');

        Password::defaults(function () {
            return Password::min(14)
                ->mixedCase()
                ->numbers()
                ->symbols()
                ->uncompromised();
        });

        // Add the blameable macro to all blueprints
        Blueprint::macro('blameable', function () {
            (new BlameableService())->addBlameableColumns($this->getTable());
        });    
  
        Validator::extend('cat_email', function ($attribute, $value, $parameters, $validator) {
            $rule = new CatEmailValidator();

            // Call the validate method, passing the $fail closure
            $rule->validate($attribute, $value, function ($message) use ($validator, $attribute) {
               
                $validator->errors()->add($attribute, $message);
            });

            return true;
        });
    }

🎯 In providers i have below providers listed as per the sequence

return [
    App\Providers\AppServiceProvider::class,
    App\Providers\Filament\AdminPanelProvider::class,
    App\Providers\FortifyServiceProvider::class,
    App\Providers\HorizonServiceProvider::class,
    App\Providers\JetstreamServiceProvider::class,
];

This one is my AdminPanelProvider Login code

public function panel(Panel $panel): Panel
    {
        return $panel
            ->default()
            ->id('admin')
            ->path('admin')
            ->login()
            ->colors([
                'primary' => Color::Sky,
            ])
            ->topNavigation()
            ->login(false)
            ->emailVerification()
            ->databaseNotifications()
            ->unsavedChangesAlerts()
            ->userMenuItems($this->getUserMenuItems())
            ->brandLogo(asset('/img/logo-minimal.svg'))
            ->darkModeBrandLogo(asset('/img/logo-minimal-dark.svg'))
            ->brandLogoHeight('2.5rem')
            ->favicon(asset('/favicon.svg'))
            ->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
            ->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
            ->pages([Pages\Dashboard::class])
            ->discoverWidgets(in: app_path('Filament/Widgets'), for: 'App\\Filament\\Widgets')
            ->widgets($this->getWidgets())
            ->middleware($this->getMiddleware())
            ->authMiddleware([Authenticate::class]);
    }

Thing is if i put validation over here for re-direct normal user like below one

Filament::serving(function () {
            if (Filament::getCurrentPanel()) {
                // This block runs only if the request is from a Filament panel
                dd('Filament User:', Filament::auth()->user());
            } else {
                // This block runs if the request is NOT from a Filament panel
                return Redirect::route('home');
            }
}

When i login using admin it gives dd with auth user id but when i login using normal user, it doesn't recognize Filament:: class and gives 403 forbidden error

Gaming

Programming

Restrict non filament panel user, accessing filament admin panel.

Did you find this page helpful?