diff --git a/routes/web.php b/routes/web.php index eabaa8f..17e6c20 100644 --- a/routes/web.php +++ b/routes/web.php @@ -86,3 +86,53 @@ Route::get('/__seed/{token}', function (string $token) { ], 500); } }); + +// Test direct auth attempt + canAccessPanel +Route::get('/__try-login/{token}', function (string $token, \Illuminate\Http\Request $request) { + if ($token !== 'kx9zMq7vR3aF2') { + abort(404); + } + + $email = $request->query('email', 'admin@psauto.md'); + $pass = $request->query('pass', 'admin123'); + + $report = [ + 'host' => $request->getHost(), + 'tenant_resolved' => app(\App\Tenancy\TenantManager::class)->isResolved(), + 'tenant_id' => app(\App\Tenancy\TenantManager::class)->currentId(), + 'session_domain_config' => config('session.domain'), + 'session_secure_config' => config('session.secure'), + 'session_same_site' => config('session.same_site'), + 'app_url' => config('app.url'), + 'request_secure' => $request->isSecure(), + 'request_scheme' => $request->getScheme(), + ]; + + $user = \App\Models\Tenant\User::where('email', $email)->first(); + $report['user_lookup'] = (bool) $user; + + if ($user) { + $report['user_status'] = $user->status; + $report['password_check'] = \Illuminate\Support\Facades\Hash::check($pass, $user->password); + // Check canAccessPanel against tenant panel + try { + $panel = \Filament\Facades\Filament::getPanel('tenant'); + $report['panel_found'] = (bool) $panel; + $report['panel_id'] = $panel?->getId(); + $report['can_access_panel'] = $user->canAccessPanel($panel); + } catch (\Throwable $e) { + $report['panel_error'] = $e->getMessage(); + } + } + + // Try Auth::attempt + try { + $ok = auth('web')->attempt(['email' => $email, 'password' => $pass]); + $report['auth_attempt_result'] = $ok; + $report['authenticated_user_id'] = auth('web')->id(); + } catch (\Throwable $e) { + $report['auth_error'] = $e->getMessage(); + } + + return response()->json($report, 200, [], JSON_PRETTY_PRINT); +});