fix: use system session cookie for livewire

2026-02-27 00:54:57 +01:00 · 2026-02-27 00:54:57 +01:00 · 98a3e421f9
commit 98a3e421f9
parent 0e879be2cd
3 changed files with 60 additions and 2 deletions
--- a/app/Http/Middleware/UseSystemSessionCookieForLivewireRequests.php
+++ b/app/Http/Middleware/UseSystemSessionCookieForLivewireRequests.php
@ -0,0 +1,54 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Str;
+use Symfony\Component\HttpFoundation\Response;
+
+class UseSystemSessionCookieForLivewireRequests
+{
+    /**
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        if (! $this->shouldUseSystemCookie($request)) {
+            return $next($request);
+        }
+
+        $originalCookieName = (string) config('session.cookie');
+
+        config(['session.cookie' => $this->systemCookieName()]);
+
+        try {
+            return $next($request);
+        } finally {
+            config(['session.cookie' => $originalCookieName]);
+        }
+    }
+
+    private function shouldUseSystemCookie(Request $request): bool
+    {
+        if (
+            ! $request->is('livewire-*/update')
+            && ! $request->is('livewire-*/upload-file')
+            && ! $request->is('livewire-*/preview-file/*')
+        ) {
+            return false;
+        }
+
+        $refererPath = parse_url((string) $request->headers->get('referer', ''), PHP_URL_PATH) ?? '';
+        $refererPath = '/'.ltrim((string) $refererPath, '/');
+
+        return $refererPath === '/system' || str_starts_with($refererPath, '/system/');
+    }
+
+    private function systemCookieName(): string
+    {
+        return Str::slug((string) config('app.name', 'laravel')).'-system-session';
+    }
+}
--- a/app/Providers/Filament/SystemPanelProvider.php
+++ b/app/Providers/Filament/SystemPanelProvider.php
@ -54,10 +54,10 @@ public function panel(Panel $panel): Panel
                'ensure-correct-guard:platform',
                DisableBladeIconComponents::class,
                DispatchServingFilamentEvent::class,
-            ])
+            ], isPersistent: true)
            ->authMiddleware([
                Authenticate::class,
                'ensure-platform-capability:'.PlatformCapabilities::ACCESS_SYSTEM_PANEL,
-            ]);
+            ], isPersistent: true);
    }
 }
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@ -11,6 +11,10 @@
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware): void {
+        $middleware->web(prepend: [
+            \App\Http\Middleware\UseSystemSessionCookieForLivewireRequests::class,
+        ]);
+
        $middleware->alias([
            'ensure-correct-guard' => \App\Http\Middleware\EnsureCorrectGuard::class,
            'ensure-platform-capability' => \App\Http\Middleware\EnsurePlatformCapability::class,