debug: /__force-login to test session persistence
This commit is contained in:
@@ -87,6 +87,31 @@ Route::get('/__seed/{token}', function (string $token) {
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// Force-login endpoint to test session persistence (bypass Livewire/CSRF).
|
||||||
|
Route::get('/__force-login/{token}', function (string $token, \Illuminate\Http\Request $request) {
|
||||||
|
if ($token !== 'kx9zMq7vR3aF2') {
|
||||||
|
abort(404);
|
||||||
|
}
|
||||||
|
$email = $request->query('email', 'admin@psauto.md');
|
||||||
|
$user = \App\Models\Tenant\User::where('email', $email)->first();
|
||||||
|
if (! $user) {
|
||||||
|
return response('User not found', 404);
|
||||||
|
}
|
||||||
|
auth('web')->login($user, true);
|
||||||
|
$request->session()->regenerate();
|
||||||
|
|
||||||
|
$intended = url('/app');
|
||||||
|
return response('
|
||||||
|
<html><body style="font-family:system-ui;padding:40px">
|
||||||
|
<h1>✓ Force-login OK</h1>
|
||||||
|
<p>User: '.e($user->email).' (id '.$user->id.')</p>
|
||||||
|
<p>Session ID: '.e($request->session()->getId()).'</p>
|
||||||
|
<p>Auth check: '.(auth('web')->check() ? 'YES' : 'NO').'</p>
|
||||||
|
<p>Cookie domain: '.e(config('session.domain') ?: '(null = host-only)').'</p>
|
||||||
|
<p>Now click → <a href="'.e($intended).'">'.e($intended).'</a></p>
|
||||||
|
</body></html>');
|
||||||
|
});
|
||||||
|
|
||||||
// Test direct auth attempt + canAccessPanel
|
// Test direct auth attempt + canAccessPanel
|
||||||
Route::get('/__try-login/{token}', function (string $token, \Illuminate\Http\Request $request) {
|
Route::get('/__try-login/{token}', function (string $token, \Illuminate\Http\Request $request) {
|
||||||
if ($token !== 'kx9zMq7vR3aF2') {
|
if ($token !== 'kx9zMq7vR3aF2') {
|
||||||
|
|||||||
Reference in New Issue
Block a user