Using Laravel Fortify / Sanctum impersonate returns false
sts-ryan-holton opened this issue · 5 comments
Hi, I'm using Laravel 10 as a backend to a Nuxt JS front-end. I've installed the package, when I send a request to login to my endpoint's function attached, my $impersonate
variable returns false, why aren't I being logged in?
/**
* Log in as a user
*
* @return \Illuminate\Http\Response
*/
public function loginAsUser(User $user, Request $request)
{
$validator = Validator::make($request->all(), [
'id' => 'required|numeric|exists:users,id'
]);
if ($validator->fails()) {
return new ApiValidationErrorResponse($validator->messages());
}
$user = User::with('company')->find(Auth::id());
// must be on the default company
if (!isset($user->company) || (isset($user->company) && !$user->company->is_system_default)) {
return new ApiSuccessResponse(null, [
'message' => "You cannot log in as other users unless on the system default company.",
], 400);
}
// double check that this user is a super admin
if (!$user->hasRole('super_admin')) {
return new ApiSuccessResponse(null, [
'message' => "You are not allowed to log in as this user.",
], 400);
}
// get the user to login as
$newUser = User::find($request->input('id'));
$impersonate = $user->impersonate($newUser);
return new ApiSuccessResponse($impersonate, [
'newuser' => $newUser,
'newuser2' => Auth::user()
]);
}
I am facing same issue
@neetu-mittal For me, interestingly, despite having the default_impersonator_guard
config set to web, I actually had to override it in the impersonate function itself. After looking through the raw code (can't find it documented) it looks like the impersonate feature does optionally take in a guard param, this is what I did:
$newUser = User::find($request->input('switch_to'));
$impersonate = Auth::user()->impersonate($newUser, 'web');
In this context, switch_to
is the ID of the User
that I want to impersonate, Auth::user()
is the currently authenticated user, so here I pass in the user object and then $impersonate
does return true.
Hopefully this helps?
try this - #141 (comment)