From dd74109adf981eae0c76aa6301f24846f7b78ad2 Mon Sep 17 00:00:00 2001 From: Vasyka Date: Wed, 6 May 2026 20:24:50 +0000 Subject: [PATCH] debug: /__whoami inspect session state --- routes/web.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/routes/web.php b/routes/web.php index 1fd3e5f..fbc403b 100644 --- a/routes/web.php +++ b/routes/web.php @@ -87,6 +87,22 @@ Route::get('/__seed/{token}', function (string $token) { } }); +Route::get('/__whoami/{token}', function (string $token, \Illuminate\Http\Request $request) { + if ($token !== 'kx9zMq7vR3aF2') abort(404); + $sess = $request->session(); + return response()->json([ + 'host' => $request->getHost(), + 'session_id' => $sess->getId(), + 'session_name' => $sess->getName(), + 'session_driver' => config('session.driver'), + 'session_keys' => array_keys($sess->all()), + 'auth_web_check' => auth('web')->check(), + 'auth_web_user' => auth('web')->user()?->only(['id', 'email', 'company_id']), + 'auth_default' => config('auth.defaults.guard'), + 'tenant_id' => app(\App\Tenancy\TenantManager::class)->currentId(), + ], 200, [], JSON_PRETTY_PRINT); +}); + // Force-login endpoint to test session persistence (bypass Livewire/CSRF). Route::get('/__force-login/{token}', function (string $token, \Illuminate\Http\Request $request) { if ($token !== 'kx9zMq7vR3aF2') {