Fix session authentication issues (stechstudio#33)
* clear out default guard as well. possibly move away from static?

* setup a manager, facade, and start moving the main logic out of the trait

* actually, ditch the manager/facade and listen for events instead

* save to session first

* we may need to hardcode sanctum, argg
jszobody authored Feb 18, 2023
1 parent 18fda24 commit 7c2c4d8
Showing 5 changed files with 39 additions and 34 deletions.
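--- a/routes/web.php
+++ b/routes/web.php
@@ -1,7 +1,15 @@
 <?php
 use Illuminate\Support\Facades\Route;
-use STS\FilamentImpersonate\Impersonate;
+use Lab404\Impersonate\Services\ImpersonateManager;
 
-Route::get('filament-impersonate/leave', fn() => Impersonate::leave())
-->name('filament-impersonate.leave')
-->middleware(config('filament-impersonate.leave_middleware'));
+Route::get('filament-impersonate/leave', function() {
+if(!app(ImpersonateManager::class)->isImpersonating()) {
+return redirect('/');
+}
+
+app(ImpersonateManager::class)->leave();
+
+return redirect(
+session()->pull('impersonate.back_to') ?? config('filament.path')
+);
+})->name('filament-impersonate.leave')->middleware(config('filament-impersonate.leave_middleware'));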
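Review bot: The redirect target in the new closure, `session()->pull('impersonate.back_to')`, is passed to `redirect()` without any check that it is a local path, and src/Concerns/Impersonates.php fills that key from `request('fingerprint.path')`, which appears to be a request-supplied value. Accepting it only when it carries no scheme or host, and falling back to `config('filament.path')` otherwise, would keep the leave route from redirecting off-site, e.g. guard it with `parse_url($backTo, PHP_URL_SCHEME) === null && parse_url($backTo, PHP_URL_HOST) === null`. The route also changes authentication state on a GET request, so it is worth confirming that whatever `filament-impersonate.leave_middleware` resolves to includes the session and auth middleware.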
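--- a/src/Concerns/Impersonates.php
+++ b/src/Concerns/Impersonates.php
@@ -43,8 +43,10 @@ public function getRedirectTo(): string
 return $this->evaluate($this->redirectTo) ?? config('filament-impersonate.redirect_to');
 }
 
-protected static function allowed($current, $target): bool
+protected function canBeImpersonated($target): bool
 {
+$current = Filament::auth()->user();
+
 return $current->isNot($target)
 && !app(ImpersonateManager::class)->isImpersonating()
 && (!method_exists($current, 'canImpersonate') || $current->canImpersonate())
@@ -53,40 +55,21 @@ protected static function allowed($current, $target): bool
 
 public function impersonate($record): bool|Redirector|RedirectResponse
 {
-if (!static::allowed(Filament::auth()->user(), $record)) {
+if (!$this->canBeImpersonated($record)) {
 return false;
 }
 
+session()->put([
+'impersonate.back_to' => request('fingerprint.path'),
+'impersonate.guard' => $this->getGuard()
+]);
+
 app(ImpersonateManager::class)->take(
 Filament::auth()->user(),
 $record,
 $this->getGuard()
 );
 
-session()->forget(array_unique([
-'password_hash_' . config('filament-impersonate.guard'),
-'password_hash_' . config('filament.auth.guard')
-]));
-session()->put('impersonate.back_to', request('fingerprint.path'));
-
 return redirect($this->getRedirectTo());
 }
-
-public static function leave(): bool|Redirector|RedirectResponse
-{
-if(!app(ImpersonateManager::class)->isImpersonating()) {
-return redirect('/');
-}
-
-app(ImpersonateManager::class)->leave();
-
-session()->forget(array_unique([
-'password_hash_' . config('filament-impersonate.guard'),
-'password_hash_' . config('filament.auth.guard')
-]));
-
-return redirect(
-session()->pull('impersonate.back_to') ?? config('filament.path')
-);
-}
 }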
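Review bot: In `impersonate()`, the result of `app(ImpersonateManager::class)->take(...)` is discarded, and the session now receives `impersonate.back_to` and `impersonate.guard` before that call, so a failed take would leave both keys behind and still redirect as if impersonation had started. If `take()` signals failure with a boolean, as it appears to, check it and clean up: `if (!app(ImpersonateManager::class)->take(...)) { session()->forget(['impersonate.back_to', 'impersonate.guard']); return false; }`. In the visible code `impersonate.guard` is also never removed on leave (routes/web.php pulls only `impersonate.back_to`), so consider forgetting it there once the leave event has been handled. Separately, `canBeImpersonated()` calls `$current->isNot($target)` on `Filament::auth()->user()` without a null check; its body continues outside the hunk.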
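--- a/src/FilamentImpersonateServiceProvider.php
+++ b/src/FilamentImpersonateServiceProvider.php
@@ -3,6 +3,9 @@
 namespace STS\FilamentImpersonate;
 
 use Filament\PluginServiceProvider;
+use Illuminate\Support\Facades\Event;
+use Lab404\Impersonate\Events\LeaveImpersonation;
+use Lab404\Impersonate\Events\TakeImpersonation;
 use STS\FilamentImpersonate\Middleware\ImpersonationBanner;
 use STS\FilamentImpersonate\Tables\Actions\Impersonate;
 
@@ -13,6 +16,9 @@ class FilamentImpersonateServiceProvider extends PluginServiceProvider
 public function register()
 {
 $this->app['config']->push('filament.middleware.base', ImpersonationBanner::class);
+
+Event::listen(TakeImpersonation::class, fn() => $this->clearAuthHashes());
+Event::listen(LeaveImpersonation::class, fn() => $this->clearAuthHashes());
 }
 
 public function boot()
@@ -30,4 +36,14 @@ public function boot()
 // want a breaking release yet.
 class_alias(Impersonate::class, 'STS\\FilamentImpersonate\\Impersonate');
 }
+
+protected function clearAuthHashes()
+{
+session()->forget(array_unique([
+'password_hash_' . session('impersonate.guard'),
+'password_hash_' . config('filament.auth.guard'),
+'password_hash_' . auth()->getDefaultDriver(),
+'password_hash_sanctum'
+]));
+}
 }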
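Review bot: `clearAuthHashes()` carries no comment explaining why `password_hash_*` session entries are dropped on every take and leave, and its guard list mixes three lookups with a hard-coded `'password_hash_sanctum'`. These keys look like the ones Laravel's AuthenticateSession middleware compares against the user's password hash, so removing them is a deliberate relaxation of that check at the identity switch and deserves a docblock saying so, e.g. `/** Drop stored password hashes so AuthenticateSession re-seeds them for the switched user instead of ending the session. */`. When `impersonate.guard` is absent from the session (the events can presumably fire from code paths other than this plugin's action), the first entry collapses to the bare key `password_hash_`. Filtering out the null guard, or deriving the list from `array_keys(config('auth.guards'))`, would avoid both that and the hard-coded name.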
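--- a/src/Pages/Actions/Impersonate.php
+++ b/src/Pages/Actions/Impersonate.php
@@ -2,7 +2,6 @@
 
 namespace STS\FilamentImpersonate\Pages\Actions;
 
-use Filament\Facades\Filament;
 use Filament\Pages\Actions\Action;
 use STS\FilamentImpersonate\Concerns\Impersonates;
 
@@ -18,6 +17,6 @@ protected function setUp(): void
 ->label(__('filament-impersonate::action.label'))
 ->icon('impersonate::icon')
 ->action(fn ($record) => $this->impersonate($record))
-->hidden(static fn ($record) => !static::allowed(Filament::auth()->user(), $record));
+->hidden(static fn ($record) => !$this->canBeImpersonated($record));
 }
 }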
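Review bot: The closure passed to `->hidden(...)` is still declared `static` but now references `$this`; a static closure has no bound object, so evaluating it should raise `Error: Using $this when not in object context` and break rendering of the page action. Drop the keyword, as the Tables action in this commit already does: `->hidden(fn ($record) => !$this->canBeImpersonated($record));`. Because `hidden()` only controls visibility, it matters that `impersonate()` repeats the `canBeImpersonated()` check before switching users, which the trait in this commit does. `setUp()` begins outside the hunk.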
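--- a/src/Tables/Actions/Impersonate.php
+++ b/src/Tables/Actions/Impersonate.php
@@ -2,7 +2,6 @@
 
 namespace STS\FilamentImpersonate\Tables\Actions;
 
-use Filament\Facades\Filament;
 use Filament\Tables\Actions\Action;
 use STS\FilamentImpersonate\Concerns\Impersonates;
 
@@ -18,6 +17,6 @@ protected function setUp(): void
 ->iconButton()
 ->icon('impersonate::icon')
 ->action(fn ($record) => $this->impersonate($record))
-->hidden(fn ($record) => !static::allowed(Filament::auth()->user(), $record));
+->hidden(fn ($record) => !$this->canBeImpersonated($record));
 }
 }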
