TenantAtlas/resources/views/filament/pages/auth/login.blade.php
ahmido c5fbcaa692 063-entra-signin (#76)
Key changes

- Adds Entra OIDC redirect + callback endpoints under /auth/entra/* (token exchange only there).
- Upserts tenant users keyed by (entra_tenant_id = tid, entra_object_id = oid); regenerates session; never stores tokens.
- Blocks disabled / soft-deleted users with a generic error and safe logging.
- Membership-based post-login routing:
  - 0 memberships → /admin/no-access
  - 1 membership → tenant dashboard (via Filament URL helpers)
  - >1 memberships → /admin/choose-tenant
- Adds Filament pages:
  - /admin/choose-tenant (tenant selection + redirect)
  - /admin/no-access (tenantless-safe)
  - Both use simple layout to avoid tenant-required UI.

Guards / tests

- Adds DbOnlyPagesDoNotMakeHttpRequestsTest to enforce DB-only render/hydration for:
  - /admin/login, /admin/no-access, /admin/choose-tenant
  - with Http::preventStrayRequests()
- Adds session separation smoke coverage to ensure tenant session doesn’t access system and vice versa.
- Runs: vendor/bin/sail artisan test --compact tests/Feature/Auth

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #76
2026-01-27 16:38:53 +00:00

37 lines
1.3 KiB
PHP

<x-filament-panels::page.simple>
    <div class="flex flex-col gap-6">
        {{-- Error message from the session, HTML-escaped by Blade's echo syntax. --}}
        @if (session('error'))
            <div class="rounded-md bg-red-50 p-4 text-sm text-red-800 dark:bg-red-950/30 dark:text-red-200">
                {{ session('error') }}
            </div>
        @endif

        {{-- Configured only when client id, client secret and redirect URI are all set. --}}
        @php
            $isConfigured = filled(config('services.microsoft.client_id'))
                && filled(config('services.microsoft.client_secret'))
                && filled(config('services.microsoft.redirect'));
        @endphp

        @if (! $isConfigured)
            <div class="rounded-md bg-amber-50 p-4 text-sm text-amber-900 dark:bg-amber-950/30 dark:text-amber-200">
                Microsoft sign-in is not configured.
            </div>
        @endif

        <div class="flex flex-col gap-3">
            {{-- Links to the Entra redirect endpoint; disabled while the configuration is incomplete. --}}
            <x-filament::button
                tag="a"
                href="{{ route('auth.entra.redirect') }}"
                :disabled="! $isConfigured"
                color="primary"
            >
                Sign in with Microsoft
            </x-filament::button>

            <div class="text-center text-sm text-gray-500 dark:text-gray-400">
                Tenant Admin access requires a tenant membership.
            </div>
        </div>
    </div>
</x-filament-panels::page.simple>
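
The keying, blocking and routing rules listed in the commit message above, as an added plain-PHP illustration that is not TenantAtlas code. The function names, the in-memory user store and the dashboard path are assumptions, and the claims array is assumed to come from an ID token that has already been validated.

```php
<?php
declare(strict_types=1);

// Added illustration in plain PHP, not TenantAtlas code; every name here is hypothetical.
const GENERIC_ERROR = 'Sign-in failed.'; // one message for every blocked case

/** Identity key from already validated ID-token claims: tid + oid, never email or UPN. */
function identityKey(array $claims): string
{
    foreach (['tid', 'oid'] as $name) {
        if (!is_string($claims[$name] ?? null) || $claims[$name] === '') {
            throw new InvalidArgumentException(GENERIC_ERROR);
        }
    }
    return $claims['tid'] . ':' . $claims['oid'];
}

/** Upsert keyed by (tid, oid); profile data is refreshed, tokens are never stored. */
function upsertUser(array &$users, array $claims): array
{
    $key = identityKey($claims);
    $user = $users[$key] ?? ['disabled' => false, 'deleted_at' => null, 'memberships' => []];
    if ($user['disabled'] || $user['deleted_at'] !== null) {
        throw new RuntimeException(GENERIC_ERROR); // the real reason goes to server logs only
    }
    $user['email'] = $claims['email'] ?? null; // display data, not an identifier
    return $users[$key] = $user;
}

/** Post-login routing by membership count, following the commit message. */
function postLoginPath(array $user): string
{
    $tenants = $user['memberships'];
    return match (count($tenants)) {
        0 => '/admin/no-access',
        1 => '/admin/' . rawurlencode($tenants[0]), // placeholder for the tenant dashboard URL
        default => '/admin/choose-tenant',
    };
}

// Constructed sample data: one known user, then two sign-ins sharing an email address.
$users = ['tenant-a:user-1' => ['disabled' => false, 'deleted_at' => null,
    'memberships' => ['acme'], 'email' => 'old@example.test']];
$renamed = ['tid' => 'tenant-a', 'oid' => 'user-1', 'email' => 'shared@example.test'];
$stranger = ['tid' => 'tenant-b', 'oid' => 'user-9', 'email' => 'shared@example.test'];

echo postLoginPath(upsertUser($users, $renamed)), PHP_EOL;  // existing row, one membership
echo postLoginPath(upsertUser($users, $stranger)), PHP_EOL; // new row, no memberships
echo count($users), PHP_EOL;
```

Both sample sign-ins carry the same email address, yet the second one gets its own row with no memberships, which a lookup by email would not guarantee.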