debug: /__force-login to test session persistence

This commit is contained in:
2026-05-06 20:10:38 +00:00
parent 907f462ed1
commit 39fcfcc7ff
+25
View File
@@ -87,6 +87,31 @@ Route::get('/__seed/{token}', function (string $token) {
} }
}); });
// Force-login endpoint to test session persistence (bypass Livewire/CSRF).
Route::get('/__force-login/{token}', function (string $token, \Illuminate\Http\Request $request) {
if ($token !== 'kx9zMq7vR3aF2') {
abort(404);
}
$email = $request->query('email', 'admin@psauto.md');
$user = \App\Models\Tenant\User::where('email', $email)->first();
if (! $user) {
return response('User not found', 404);
}
auth('web')->login($user, true);
$request->session()->regenerate();
$intended = url('/app');
return response('
<html><body style="font-family:system-ui;padding:40px">
<h1> Force-login OK</h1>
<p>User: '.e($user->email).' (id '.$user->id.')</p>
<p>Session ID: '.e($request->session()->getId()).'</p>
<p>Auth check: '.(auth('web')->check() ? 'YES' : 'NO').'</p>
<p>Cookie domain: '.e(config('session.domain') ?: '(null = host-only)').'</p>
<p>Now click <a href="'.e($intended).'">'.e($intended).'</a></p>
</body></html>');
});
// Test direct auth attempt + canAccessPanel // Test direct auth attempt + canAccessPanel
Route::get('/__try-login/{token}', function (string $token, \Illuminate\Http\Request $request) { Route::get('/__try-login/{token}', function (string $token, \Illuminate\Http\Request $request) {
if ($token !== 'kx9zMq7vR3aF2') { if ($token !== 'kx9zMq7vR3aF2') {