search

404labfr / laravel-impersonate

Laravel Impersonate is a plugin that allows you to authenticate as your users.
https://marceau.casals.fr
2k stars 202 forks source link

Seeing 403's after basic Laravel 9 install #170

Open imacrayon opened 2 years ago

imacrayon commented 2 years ago

Using Laravel 9.34.0 and stock session auth driver.

Installed the package:

"lab404/laravel-impersonate": "^1.7",

Added Impersonate trait to app\User.php:

use HasFactory, Notifiable, Impersonate;

Added the route helper at the top of routes/web.php:

Route::impersonate();

Navigating to /impersonate/take/2 displays the "403 | Forbidden" error page. Navigating to / shows I am impersonating user 2 as expected. Navigating to /impersonate/leave again displays the "403 | Forbidden" error page. Navigating to / shows I am logged in as the original user again.

Any idea why the impersonate routes are not redirecting and instead returning a 403?

warmwhisky commented 1 year ago

Same here. Did you find a solution?

warmwhisky commented 1 year ago

I was trying to login as my self as I was the only user. When I added another user it worked.

But I ran into strange behavior where sometimes it would work and other times it would just take me to the login screen when I tried to impersonate or leave impersonation.

I have my own solution to login in and I could only get the login link to work when pasting it into an incognito window. I also put a unique hash on my solution so ids cannot be guessed.

I like the idea of this package being able to login and out of another user, but from taking a look at the issues there seems to be a few unresolved issues regarding being taken to the login screen when trying to impersonate which is exactly what I experience both with this package and my own custom solution.

tonypartridger commented 1 year ago

You should not login as yourself as that just causes confusion, create another user and test that.

From: Ben Taylor @.> Sent: Tuesday, February 7, 2023 7:37:51 AM To: 404labfr/laravel-impersonate @.> Cc: Subscribed @.***> Subject: Re: [404labfr/laravel-impersonate] Seeing 403's after basic Laravel 9 install (Issue #170)

I was trying to login as my self as I was the only user. When I added another user it worked.

But I ran into strange behavior where sometimes it would work and other times it would just take me to the login screen when I tried to impersonate or leave impersonation.

I have my own solution to login in and I could only get the login link to work when pasting it into an incognito window. I also put a unique hash on my solution so ids cannot be guessed.

I like the idea of this package being able to login and out of another user, but from taking a look at the issues there seems to be a few unresolved issues regarding being taken to the login screen when trying to impersonate which is exactly what I experience both with this package and my own custom solution.

— Reply to this email directly, view it on GitHubhttps://github.com/404labfr/laravel-impersonate/issues/170#issuecomment-1420319843, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AYSFUJMCGXRD4XQVQYY4PITWWH3U7ANCNFSM6AAAAAAQ554DWA. You are receiving this because you are subscribed to this thread.Message ID: @.***>

warmwhisky commented 1 year ago

You should not login as yourself as that just causes confusion, create another user and test that.

As I said: I added another user and it worked. Though it is confusing to get a 403 and no other feedback.