jeffgreco13 / filament-breezy Goto Github PK

Filament v3 has been released. Will you be supporting it?

I have created a class to overwrite the PersonalInfo component:

class PersonalInfo extends \Jeffgreco13\FilamentBreezy\Livewire\PersonalInfo
{
    public array $only = ['name','name_display', 'email'];

    public function getProfileFormSchema(): array
    {
        return [
            TextInput::make("name")
                ->columnSpanFull()
                ->label("Benutzername")
                ->hint("Änderbar nur durch Admins")
                ->disabled(fn(): bool => ! $this->user->hasRole([User::ROLE_SUPER_ADMIN, User::ROLE_ADMIN])),
            TextInput::make("name_display")
                ->label("Anzeigename")
                ->columnSpanFull()
                ->hint("zB. Vor- und Familienname"),
            TextInput::make("email")->unique(config('filament-breezy.user_model'), ignorable: $this->user)
                ->disabled(fn(): bool => ! $this->user->hasRole([User::ROLE_SUPER_ADMIN, User::ROLE_ADMIN]))
                ->hint("Änderbar nur durch Admins")
                ->columnSpanFull()
                ->label("E-Mail"),
        ];
    }
}

and registered it:

BreezyCore::make()
    ->myProfileComponents([
        'personal_info' => PersonalInfo::class
    ])

The field exists in the table:

But I cant update it. After save the field disapears. When I reload the page, the old value is show:

Hi,

on route /admin/password/request after you submit your email, there is no notification that the email was sent and also the email stays in the form - probably should be cleared.

I think it has to do with the latest notification system update in filament.

Thanks for a nice package.

(I tried to request a feature but got a 404, so I apologize for submitting this in this manner.)

Wouldn't it be more secure to require a user to submit their current password when changing their password?

That's my feature request: that the user must supply their current password when changing their password.

Hope that makes sense. 🤓

I followed your instructions "Create custom My Profile components" and used it to overwrite the 'personal_info' section:

class MyProfileComponent extends \Jeffgreco13\FilamentBreezy\Livewire\MyProfileComponent
{
    protected string $view = "livewire.admin.my-profile-component";
    public array $data;


    public function form(Form $form): Form
    {
        return $form
            ->schema([
                Placeholder::make("test")
                    ->content(fn($record) => json_encode($record)),
                TextInput::make("name")
                    ->hint("Changable just by Admins")
                    ->disabled(fn(): bool => !auth()->user()->hasRole([User::ROLE_SUPER_ADMIN, User::ROLE_ADMIN]))
            ])
            ->statePath('data');
    }
}

This gives me the following:

As you can see, I can't access any data and the name field is empty, which is wrong.

Similar code worked in V1. I updated to v2.1.3.

The current package lacks functionality that automatically expires passwords, which is crucial for enhancing the security of user accounts. I propose to address this by implementing a password expiration feature to enforce regular password updates and reduce the risk of unauthorized access. Password expiration is a widely accepted security practice that prompts users to change their passwords regularly, thereby minimizing the impact of compromised or weak passwords.

To overcome this limitation and encourage better security practices, I recommend implementing a password expiration function with the following features:

• Introduce a configuration option to enable password expiration
• Introduce a configuration option to specify the duration (in days) for password validity
• Introduce a configuration option to enable password expiration notification (none, mail, database as an array of options)
• Introduce a configuration option to specify the notification period (in days) for password expiration. This option will take an array of notification days to allow for multiple notifications to be sent.
• Develop a notification mechanism to alert users when their password expiration date is approaching. The notification methods will support DB notifications and email.
• Implement middleware that checks the users.updated_at field and redirects users to a password reset page when necessary.

If you are interested in contributing to the development of this feature or have any suggestions, please leave your comments on this issue.

I'm getting this error when running composer update:

Access level to JeffGreco13\FilamentBreezy\Traits\HasBreezyTwoFactor::getCachedAction() must be public (as in class Filament\Pages\Page)

at vendor/jeffgreco13/filament-breezy/src/Traits/HasBreezyTwoFactor.php:92
     88▕
     89▕         return $actions;
     90▕     }
     91▕
  ➜  92▕     protected function getCachedAction(string $name): ?Action
     93▕     {
     94▕         return $this->getCachedActions(false)[$name] ?? null;
     95▕     }
     96▕

Looks like Filament might have updated their methods in the Page class.

The pull request #116 that was merged breaks email verification because it added the __construct method which added authentication middleware but the middleware was not namespaced correctly and breaks as it is looking for JeffGreco13\FilamentBreezy\Http\Controllers\Authenticate class. Should be Filament\Http\Middleware\Authenticate::class.

strtolower is used in the following views:

• register.blade.php
• login.blade.php
• reset-password.blade.php

This prevents the correct translation of case-sensitive languages (namely German).

By removing strtolower, we'd end up with a text like "Oder Erstellen Sie ein Konto". That means, the E in Erstellen is capitalized because it comes from another heading (that correctly is capitalized). The E in German should be lower case.

One alternative that might avoid breakages and would work in German as well is to lower case only the first character with lcfirst. We'd then have "Oder erstellen Sie ein Konto", which is correct (that's what I do locally).

Suggestion: replace strtolower by lcfirst on the templates above.

I am trying to use another fields for my registration form, like mobile instead of email.
I tried to override the class registration, creating a Register class in App\Http\Livewire\Auth and extending FilamentBreezyRegister.
I registered a route for the /register in web.php: Route::get('/register', App\Http\Livewire\Auth\Register::class). But the route doesn't work, instead it goes with the package default route and the default Register class.
If i load my Package ServiceProviders before the RoutingServiceProvider, i will be able to override the Package routes within my routes but i guess there should be a better way that I'm missing.

Sorry for the mess before, i mistook the packages name. Thanks for the awesome work you have done.

Hey there! First of all, thanks for making such a great package!

I see that the password confirmation input is hard-coded in the Register.php form schema. There are a lot of criticism regarding a field like this. I think it would be really nice to have the configuration option to disable it. Maybe by using a ->when() method chain?

See uxmovement.com, ux.stackexchange.com, and about 377 000 000 more results on Google.

An additional feature that I think would be amazing that is useful both when there is a confirmation field and not is to have a way to show the password in plain text as is suggested in Sign-in form best practices at web.dev as this is great for both UX and accessibility.

Sidenote, on the issues page there are links to create discussions, however, the discussion page is not enabled.

Hello!

I'm using on filament a different model (UserAdminPanel.php) than the basic one (User.php) that uses "session" instead of "jwt". When I register a person, it stores the user on DB correctly and tries automatically to make the login but it fails.

Then the normal login works with the created user, so I believe it's an error of abstraction on the plugin.

Thank you in advance!

Hello,

I hope this message finds you well. I am writing to report an issue related to the usage of Filament v3 and Breezy v2 in our project. It has come to our attention that when the panel incorporates Tenancy, the my-profile page fails to function as expected. This is because the application expects a tenant id.

Steps to Reproduce:

1. Install Filament v3 and Breezy v2 in the project.
2. Configure the panel to include Tenancy.
3. Navigate to the my-profile page.

Expected Behavior:
The my-profile page should function correctly, regardless of the Tenancy configuration.

Actual Behavior:
Upon accessing the my-profile page with Tenancy enabled, the page does not work as intended, leading to an error.

Screenshot:

Best regards,
Tygo Egmond

I may not been clear in my question.
Each time refreshing database with migrate:refresh i need to do all permissions again. As all permissions are stored in database it would be deleted.
Maybe when i go in production mode and all the permissions are fixed then i should make a seeder, but now when developing How to backup the permissions so after refresh it doesn't go a way?

Even though I enter the code I get from the application on the application screen, it constantly says that the 6-digit code I get is incorrect. And I cannot make progress.

Hi,
I'm trying to install 2.x on fresh laravel 10 Filament 3, an error appears :

Error 

 Class "Filament\Pages\CardPage" not found

 at vendor/jeffgreco13/filament-breezy/src/Pages/TwoFactorPage.php:19
    15▕ use Filament\Http\Controllers\Auth\LogoutController;
    16▕ use Jeffgreco13\FilamentBreezy\Facades\FilamentBreezy;
    17▕ use DanHarrin\LivewireRateLimiting\Exceptions\TooManyRequestsException;
    18▕ 
 ➜  19▕ class TwoFactorPage extends CardPage
    20▕ {
    21▕     use WithRateLimiting;
    22▕ 
    23▕     protected static string $view = 'filament-breezy::filament.pages.two-factor';

Thanks

Hello,

I tried to add CheckBoxList to register page but it doesn't work, Livewire doesnt want to put data in array when class property is defined as array and if I define property as string, Livewire only keeps the last value.

Any idea?

After the last update for notifications, after you click SUBMIT on route /password/reset you get an error:

Symfony\Component\Routing\Exception\RouteNotFoundException: Route [password.reset] not defined

Description

I don't think the 2FA QR code and recovery code instructions should be shown once a user has completed 2FA setup. Additionally, I don't think the store_codes message should be shown either, especially not since it shows up in duplicate if one clicks on the button to show the recovery codes.

Expected result

Here's a screenshot of what I think the widget should look like once setup is complete.

Hi!
I am trying out Filament 3 and I installed your released version v2.0.0-beta2 which has been optimized for Filament 3.

Unfortunately this release seems to be buggy, because the SimplePage, that is used inside of

class TwoFactorPage extends SimplePage

is no longer supported since Filament 3.
It was different in your previous release Beta1 and now again in Beta2. What was the issue or was that a mistake?

In the latest release of Filament, v2.13.24 something somehow changed to the Page.php, this breaks the HasBreezyTwoFactor.php.
See screenshot. I'm not quite sure why this change was introduced in Filament, and I am not sure how to fix this in filament-breezy, since this needs to be backwards compatible too.

filamentphp/filament@v2.13.23...v2.13.24

Hello,

I'm implementing this package on my filament app, and found that some strings cannot be translated as they're not on the lang file. These are (that I know):

• Account
• My profile
• Profile
• Or sign in to your account
• Check your inbox for instructions.
• Error: please try again later.
• Please wait before trying again.
• User with this email not found.

I have been unable to translate using a json file as I usually do with "automated" filament strings (like menu links or page headers).

I'm willing to contribute a translation to spanish, would love to have all the strings translated.

I've set login_fallback_field in the config to 'username'

Login works as expected.

On the Profile page, the second field is hardcoded to 'email' rather than obeying the login field config setting.

protected function getUpdateProfileFormSchema(): array
    {
        return [
            Forms\Components\TextInput::make("name")
                ->label(__('filament-breezy::default.fields.name')),
            Forms\Components\TextInput::make("email")->unique(ignorable: $this->user)
                ->label(__('filament-breezy::default.fields.email')),
        ];
    }

Should this not follow the fallback_login_field setting in the config?

Happy to submit a PR.

V2:Avatar not working

The Profile component uses App\Models\User path instead of the path from the config file.

After installing breezy, when i deploy to production, i have been getting the following errors when running the caching commands

artisan config:cache
Your configuration files are not serializable.

artisan route:cache
Unable to prepare route [password/reset] for serialization. Another route has already been assigned name [password.request].

Which version of Profile, to use for Filament v2.x?

Using the Issues here because Discussions are unavailable.

I am looking to add Spatie Welcome Notification package because I believe it makes sense to send an email to new users created by an admin to allow them to set their own password.

Here’s the package:
https://github.com/spatie/laravel-welcome-notification

Since this is my first Filament project (have already used plain Laravel and Backpack several times), any tips/guidance on how to do this are welcome!

I can't find out how to disable reset/forgot password route and feature

I am unable to access register, login or reset password. I am using nginx server. All other frontend pages works perfectly fine but unable to access login, register and password reset page.
Routes:
mydomain.com/admin/login
mydomain.com/admin/register
mydomain.com/admin/password/reset

It is giving me 404 Not Found (nginx error).

How can i add custom email rule in Email Field under my profile?

Is there any plan to implement browser sessions management UI like in Laravel Jetstream?

https://jetstream.laravel.com/2.x/features/browser-sessions.html

I suggest that we should check whether the email record exists in the database before updating My PROFILE Page. Otherwise, if we enter an existing email, the database will throw a uniqueness error.

Hi. I suspect I'm doing something wrong, but I've installed this package as instructed, added MustVerifyEmail to the User role, updated the filament config to use the new Login class, and marked all of Filament as protected by EnsureEmailIsVerified middleware. When I try to login as an existing user I get the prompt to initiate a new verification email, the email arrives, and has the proper format (https://mysite.test/admin/email/verify/<user_id>/<hash>?expires=<timestamp>&signature=<signature>).

But when I click on that verify link, I'm just 302 redirected to /admin/login and the users table is not updated to reflect the verification.

I've verified that the full route exists as expected. Telescope says of the request:

Controller Action 
JeffGreco13\FilamentBreezy\Http\Controllers\EmailVerificationController@__invoke

Middleware 
Illuminate\Cookie\Middleware\EncryptCookies, Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse, Illuminate\Session\Middleware\StartSession, Illuminate\Session\Middleware\AuthenticateSession, Illuminate\View\Middleware\ShareErrorsFromSession, Illuminate\Foundation\Http\Middleware\VerifyCsrfToken, Illuminate\Routing\Middleware\SubstituteBindings, Filament\Http\Middleware\DispatchServingFilamentEvent, Filament\Http\Middleware\MirrorConfigToSubpackages, Filament\Http\Middleware\Authenticate, signed

Is there something else I need to do to make sure the User model is updated as verified?

Thank you.

We're setting up Filament with Breezy and want our admins to be able to use 2FA, so we've enabled it in the config. We've also configured admin panel access based on the email domain as described in the filament docs. Now if a user logs in via Filament it's all working fine. But if the user uses the login page of the app and then goes to Filament there is no 2FA prompt, completely bypassing it. Should we configure someting differently or is this a bug?

I noticed that one cannot cache the configuration out of the box because of the following:

    /*
    | Set an array that's compatible with the Filament Forms rules() method. You can also pass an instance of \Illuminate\Validation\Rules\Password::class. Rules for required and confirmed are already set. These rules will apply to the My Profile, registration, and password reset forms.
    */
    "password_rules" => [\Illuminate\Validation\Rules\Password::min(8)],

I receive the following error: Error::("Call to undefined method Illuminate\Validation\Rules\Password::__set_state()")

It may be that this is an issue with Password in that it's not serializable, but until/unless that's changed, perhaps a warning should be added to the comments or an alternative set of default rules should be provided.

Using Sanctum, it's possible to define a custom model to use for personal access tokens. In the boot() method of a service provider, Laravel's docs note that you can do so like this:

Sanctum::usePersonalAccessTokenModel(\App\Models\CustomTokenModel::class);

However, this isn't respected by the Filament Breezy package, which is hard-coded to return a Laravel\Sanctum\PersonalAccessToken class. Instead, I think it should probably reference Laravel\Sanctum::$personalAccessTokenModel.

Thanks for a great package :)

Hello,

more of a question really. Wouldn't it make sense to split up the profile form into separate components? That way we could just use these components if we want to add sections to the profile. Right now we have to publish the whole profile template. This also means that any changes that happen in the future have to be manually re-added to the published template.

Cheers!

Hi

My logon form does not show a "password reset link". The options in the breezy-config file haven't been changed. Any idea what I missed?

Hi thanks for the good package you provide to community.
When i have many models like more than 10, In roles page (for each role) takes too much time to modify permissions. As i see in network request, the response for each modification takes a lot of resources and heavy in size (+600kb).
I'm not sure how to make it faster.

I'm a new Filament user, and I'm trying out V3. I've installed everything correctly as a new project, but I've noticed a few things.

Once an avatar has successfully uploaded and is stored in the database, it doesn't show in the menu bar (where the user's initials would originally be). The code for a background-image is there, but it seems to be loading without the storage prefix.

Is there some steps that I'm missing?

And then when I add /storage/ in dev tools:

Issue create because #125

production.ERROR: Undefined variable $plain_text_token 
{"view":{"view":"/home/**/public_html/vendor/jeffgreco13/filament-breezy/resources/views/components/sections/sanctum.blade.php","data":[]},"userId":1,"exception":"[object] (Spatie\LaravelIgnition\Exceptions\ViewException(code: 0): 
Undefined variable $plain_text_token at /home/**/public_html/vendor/jeffgreco13/filament-breezy/src/../resources/views/components/sections/sanctum.blade.php:16)

->getDomain() was changed to ->getDomains() in this Filament PR

Hi there,

I am starting to use the filament breezy implementation in a new project.
I need the users to force setting up an 2FA, so no opt-in.

I found out in your Login component how to do this, except I am not sure how to then force the user to generate the code. I don't see the possibility to generate the QR code. This is only possible on the profile page?

How to do this right after login?

In case I would like to add a hyperlink on a non-filament page to the registration page (e.g. on my landing page), this hyperlinks don't work. (<a href="/admin/register">Sign up</a>)

The hyperlink to the login page works well and then from there the navigation link to the registration also works fine. But not from outside of filament.

After I once go through the login page to the registration, it starts also work from the landing page. It feels like the registration page is not created on boot or something.

(registration url is also fine when typed in manually)

ERROR There are no commands defined in the "breezy" namespace. in laravel 10.
filament-breezy: 2.0
filamentphp:^2.0

Hello,

Maybe this can be done by configuration.
Or can the same field accept both email or login ?

Hello,

using

php artisan make:livewire MyCustomComponent

and registering it via method

BreezyCore::make()
->myProfileComponents([MyCustomComponent::class])

seems to show the livewire component twice in profile. The issue seems to be in file src/BreezyCore.php, method:

public function boot(Panel $panel): void
{
    if ($this->myProfile) {
        Livewire::component('personal_info', PersonalInfo::class);
        Livewire::component('update_password', UpdatePassword::class);
        $this->myProfileComponents(array_merge([    <----------- appends component
            'personal_info' => PersonalInfo::class,
            'update_password' => UpdatePassword::class
        ], $this->registeredMyProfileComponents)); 

and/or this method:

public function myProfileComponents(array $components)
{
    $this->registeredMyProfileComponents = [
        ...$this->registeredMyProfileComponents,
        ...$components,  
    ];

    return $this;
}

Basically method myProfileComponents gets called twice: once in AppProvider and BreezyCore

Version: v2.1.1