11dd99cce2
Livewire posts go to /livewire/update on the bare web middleware group, NOT through the Filament panel middleware. So ResolveTenant didn't fire during login form submission → tenant not set → TenantScope's fail-safe returned 0 users → Auth::attempt failed → 'Email/password incorrect'. Move ResolveTenant + CheckTenantStatus to the global web group via bootstrap/app.php; remove them from TenantPanelProvider to avoid running twice.
36 lines
1.3 KiB
PHP
36 lines
1.3 KiB
PHP
<?php
|
|
|
|
use Illuminate\Foundation\Application;
|
|
use Illuminate\Foundation\Configuration\Exceptions;
|
|
use Illuminate\Foundation\Configuration\Middleware;
|
|
use Illuminate\Http\Request;
|
|
|
|
return Application::configure(basePath: dirname(__DIR__))
|
|
->withRouting(
|
|
web: __DIR__.'/../routes/web.php',
|
|
commands: __DIR__.'/../routes/console.php',
|
|
health: '/up',
|
|
)
|
|
->withMiddleware(function (Middleware $middleware): void {
|
|
// Trust Cloudflare + Coolify Traefik so HTTPS scheme is detected
|
|
// and X-Forwarded-* headers are honored.
|
|
$middleware->trustProxies(at: '*', headers:
|
|
Request::HEADER_X_FORWARDED_FOR
|
|
| Request::HEADER_X_FORWARDED_HOST
|
|
| Request::HEADER_X_FORWARDED_PORT
|
|
| Request::HEADER_X_FORWARDED_PROTO
|
|
| Request::HEADER_X_FORWARDED_AWS_ELB
|
|
);
|
|
|
|
// ResolveTenant must run on EVERY web request (including Livewire
|
|
// /livewire/update endpoints) so tenant context is set before
|
|
// any DB query goes through the global TenantScope.
|
|
$middleware->web(append: [
|
|
\App\Http\Middleware\ResolveTenant::class,
|
|
\App\Http\Middleware\CheckTenantStatus::class,
|
|
]);
|
|
})
|
|
->withExceptions(function (Exceptions $exceptions): void {
|
|
//
|
|
})->create();
|