Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Using Laravel Fortify / Sanctum impersonate returns false #183

Open
sts-ryan-holton opened this issue Aug 11, 2023 · 5 comments
Open

Using Laravel Fortify / Sanctum impersonate returns false #183

sts-ryan-holton opened this issue Aug 11, 2023 · 5 comments

Comments

@sts-ryan-holton
Copy link

Hi, I'm using Laravel 10 as a backend to a Nuxt JS front-end. I've installed the package, when I send a request to login to my endpoint's function attached, my $impersonate variable returns false, why aren't I being logged in?

/**
 * Log in as a user
 *
 * @return \Illuminate\Http\Response
 */
public function loginAsUser(User $user, Request $request)
{
    $validator = Validator::make($request->all(), [
        'id' => 'required|numeric|exists:users,id'
    ]);

    if ($validator->fails()) {
        return new ApiValidationErrorResponse($validator->messages());
    }

    $user = User::with('company')->find(Auth::id());

    // must be on the default company
    if (!isset($user->company) || (isset($user->company) && !$user->company->is_system_default)) {
        return new ApiSuccessResponse(null, [
            'message' => "You cannot log in as other users unless on the system default company.",
        ], 400);
    }

    // double check that this user is a super admin
    if (!$user->hasRole('super_admin')) {
        return new ApiSuccessResponse(null, [
            'message' => "You are not allowed to log in as this user.",
        ], 400);
    }

    // get the user to login as
    $newUser = User::find($request->input('id'));

    $impersonate = $user->impersonate($newUser);

    return new ApiSuccessResponse($impersonate, [
        'newuser' => $newUser,
        'newuser2' => Auth::user()
    ]);
}
@neetu-mittal
Copy link

I am facing same issue

@sts-ryan-holton
Copy link
Author

@neetu-mittal For me, interestingly, despite having the default_impersonator_guard config set to web, I actually had to override it in the impersonate function itself. After looking through the raw code (can't find it documented) it looks like the impersonate feature does optionally take in a guard param, this is what I did:

$newUser = User::find($request->input('switch_to'));
$impersonate = Auth::user()->impersonate($newUser, 'web');

In this context, switch_to is the ID of the User that I want to impersonate, Auth::user() is the currently authenticated user, so here I pass in the user object and then $impersonate does return true.

Hopefully this helps?

@Tankonyako
Copy link

try this - #141 (comment)

@jose123v
Copy link

#188 (comment)
Sanctum/Passport uses other guard session, this only supports default session, but it could be fixed adding quietLogin and quietLogout logic.

@kobeyy
Copy link

kobeyy commented May 2, 2024

Had the same issue.
Resolved it by adding macros for the RequestGuard.
Took long to debug due to unset($e); on line 124 of all exceptions in the ImpersonateManager.

class AppServiceProvider extends ServiceProvider
{
    /**
     * Register any application services.
     */
    public function register(): void
    {
        $this->registerTokenDecoder();
        $this->registerGuard();
    }

    private function registerGuard(): void
    {
//        add methods to RequestGuard to fix issue in impersonate package https://github.com/404labfr/laravel-impersonate/issues/141
        RequestGuard::macro('quietLogin', function ($user) {
            $this->setUser($user);
        });
        RequestGuard::macro('quietLogout', function () {
            $this->forgetUser();
        });

        Auth::extend('azureb2cjwt', function () {
            return tap(new RequestGuard(new AzureB2CJwtRequestGuard($this->app->make(AzureB2CTokenDecoder::class)), request()), function ($guard) {
                // if the request changes, update the guard. This can happen when using horizon
                app()->refresh('request', $guard, 'setRequest');
            });
        });

    }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

5 participants