DataLinx · thapacodes4u · Oct 5, 2025
diff --git a/config/eclipse-frontend.php b/config/eclipse-frontend.php
@@ -0,0 +1,15 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Multi-tenancy config
+    |--------------------------------------------------------------------------
+    */
+    'tenancy' => [
+        'enabled' => false,
+        'model' => null,
+        'foreign_key' => null,
+    ],
+];
diff --git a/config/frontend-panel.php b/config/frontend-panel.php
diff --git a/src/Http/Middleware/CheckFrontendFeatures.php b/src/Http/Middleware/CheckFrontendFeatures.php
@@ -0,0 +1,78 @@
+<?php
+
+namespace Eclipse\Frontend\Http\Middleware;
+
+use Closure;
+use Eclipse\Core\Services\Registry;
+use Exception;
+use Filament\Facades\Filament;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+use Symfony\Component\HttpFoundation\Response;
+
+class CheckFrontendFeatures
+{
+    public function handle(Request $request, Closure $next): Response
+    {
+        $routeName = $request->route()?->getName();
+
+        if (! $routeName) {
+            return $next($request);
+        }
+
+        $site = Registry::getSite();
+
+        if (! $site) {
+            return $next($request);
+        }
+
+        if ($this->isAuthRoute($routeName) && ! $this->getSetting($site->id, 'enable_logins')) {
+            abort(404);
+        }
+
+        if ($this->isRegisterRoute($routeName) && ! $this->getSetting($site->id, 'allow_registration')) {
+            abort(404);
+        }
+
+        if (! $this->isAuthRoute($routeName) && ! $this->isRegisterRoute($routeName)) {
+            $guestAccess = $this->getSetting($site->id, 'guest_access');
+            $enableLogins = $this->getSetting($site->id, 'enable_logins');
+
+            if (! $guestAccess && ! Filament::auth()->check()) {
+                if ($enableLogins) {
+                    return redirect()->route('filament.frontend.auth.login');
+                }
+
+                abort(404);
+            }
+        }
+
+        return $next($request);
+    }
+
+    private function isAuthRoute(string $routeName): bool
+    {
+        return str_contains($routeName, '.auth.login')
+            || str_contains($routeName, '.auth.password-reset');
+    }
+
+    private function isRegisterRoute(string $routeName): bool
+    {
+        return str_contains($routeName, '.auth.register');
+    }
+
+    private function getSetting(int $siteId, string $settingName): bool
+    {
+        try {
+            $value = DB::table('settings')
+                ->where('group', 'frontend')
+                ->where('name', $settingName)
+                ->where('site_id', $siteId)
+                ->value('payload');
+
+            return $value !== null ? json_decode($value) : true;
+        } catch (Exception $e) {
+            return true;
+        }
+    }
+}
diff --git a/src/Pages/Auth/Login.php b/src/Pages/Auth/Login.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace Eclipse\Frontend\Pages\Auth;
+
+use Eclipse\Core\Services\Registry;
+use Filament\Facades\Filament;
+use Filament\Pages\Auth\Login as BaseLogin;
+use Illuminate\Support\Facades\DB;
+
+class Login extends BaseLogin
+{
+    public function mount(): void
+    {
+        if (! $this->allowRegistration()) {
+            Filament::getCurrentPanel()?->registration(false);
+        }
+
+        parent::mount();
+    }
+
+    private function allowRegistration(): bool
+    {
+        try {
+            $site = Registry::getSite();
+
+            if (! $site) {
+                return true;
+            }
+
+            $allowRegistration = DB::table('settings')
+                ->where('group', 'frontend')
+                ->where('name', 'allow_registration')
+                ->where('site_id', $site->id)
+                ->value('payload');
+
+            return $allowRegistration !== null ? json_decode($allowRegistration) : true;
+        } catch (\Exception $e) {
+            return true;
+        }
+    }
+}
diff --git a/src/Providers/FrontendPanelProvider.php b/src/Providers/FrontendPanelProvider.php
@@ -2,16 +2,15 @@
 
 namespace Eclipse\Frontend\Providers;
 
-use BezhanSalleh\FilamentShield\Middleware\SyncShieldTenant;
 use Eclipse\Common\Providers\GlobalSearchProvider;
-use Eclipse\Core\Models\Site;
 use Eclipse\Core\Services\Registry;
 use Eclipse\Frontend\Filament\Pages as CustomPages;
-use Filament\Http\Middleware\Authenticate;
+use Eclipse\Frontend\Http\Middleware\CheckFrontendFeatures;
+use Eclipse\Frontend\Pages\Auth\Login;
+use Filament\Facades\Filament;
 use Filament\Http\Middleware\AuthenticateSession;
 use Filament\Http\Middleware\DisableBladeIconComponents;
 use Filament\Http\Middleware\DispatchServingFilamentEvent;
-use Filament\Pages;
 use Filament\Panel;
 use Filament\PanelProvider;
 use Filament\Support\Colors\Color;
@@ -43,28 +42,23 @@ public function panel(Panel $panel): Panel
             SubstituteBindings::class,
             DisableBladeIconComponents::class,
             DispatchServingFilamentEvent::class,
+            CheckFrontendFeatures::class,
         ];
 
-        $widgets = [];
-        $pages = [];
+        $widgets = [
+            Widgets\AccountWidget::class,
+            Widgets\FilamentInfoWidget::class,
+        ];
+
+        $pages = [
+            CustomPages\Home::class,
+        ];
 
-        if ($this->allowGuestAccess()) {
-            $middleware[] = AuthenticateSession::class;
-            $pages[] = CustomPages\Home::class;
-        } else {
-            $widgets = array_merge($widgets, [
-                Widgets\AccountWidget::class,
-                Widgets\FilamentInfoWidget::class,
-            ]);
-            $pages[] = Pages\Dashboard::class;
-        }
+        $middleware[] = AuthenticateSession::class;
 
         $panel
             ->id(self::PANEL_ID)
             ->path('')
-            ->login()
-            ->passwordReset()
-            ->emailVerification()
             ->colors([
                 'primary' => Color::Cyan,
                 'gray' => Color::Slate,
@@ -83,33 +77,26 @@ public function panel(Panel $panel): Panel
                 Platform::Mac => '⌘K',
                 default => null,
             })
-            ->tenant(Site::class, slugAttribute: 'domain')
-            ->tenantDomain('{tenant:domain}')
-            ->tenantMiddleware([
-                SyncShieldTenant::class,
-            ], isPersistent: true)
-            ->tenantMenu(false)
             ->widgets($widgets)
             ->middleware($middleware)
             ->plugins(array_merge([
                 EnvironmentIndicatorPlugin::make(),
             ], app(Registry::class)->getPlugins()));
 
-        match ($this->allowGuestAccess()) {
-            true => $panel
-                ->renderHook(
-                    PanelsRenderHook::TOPBAR_END,
-                    fn () => view('frontend-panel::filament.components.theme-switcher')
-                ),
-            false => $panel
-                ->authMiddleware([
-                    Authenticate::class,
-                ])
-                ->renderHook(
-                    PanelsRenderHook::HEAD_START,
-                    fn (): string => self::getThemeIsolationScript(self::PANEL_ID)
-                )
-        };
+        $panel
+            ->login(Login::class)
+            ->passwordReset()
+            ->registration();
+
+        $panel
+            ->renderHook(
+                PanelsRenderHook::TOPBAR_END,
+                fn () => ! Filament::auth()->check() ? view('frontend-panel::filament.components.theme-switcher') : ''
+            )
+            ->renderHook(
+                PanelsRenderHook::HEAD_START,
+                fn (): string => self::getThemeIsolationScript(self::PANEL_ID)
+            );
 
         return $panel;
     }
@@ -133,9 +120,4 @@ private static function getThemeIsolationScript(string $panelId): string
             });
         </script>";
     }
-
-    private function allowGuestAccess(): bool
-    {
-        return config('frontend-panel.guest_access');
-    }
 }
diff --git a/tests/Feature/FrontendAccessSettingsTest.php b/tests/Feature/FrontendAccessSettingsTest.php
@@ -0,0 +1,86 @@
+<?php
+
+use Illuminate\Support\Facades\DB;
+
+describe('Settings Management', function () {
+    it('stores settings by site_id', function () {
+        $siteModel = config('eclipse-frontend.tenancy.model');
+        $site1 = $siteModel::factory()->create(['domain' => 'site1.test']);
+        $site2 = $siteModel::factory()->create(['domain' => 'site2.test']);
+
+        setSetting($site1->id, 'guest_access', false);
+        setSetting($site2->id, 'guest_access', true);
+
+        $setting1 = DB::table('settings')
+            ->where('group', 'frontend')
+            ->where('name', 'guest_access')
+            ->where('site_id', $site1->id)
+            ->value('payload');
+
+        $setting2 = DB::table('settings')
+            ->where('group', 'frontend')
+            ->where('name', 'guest_access')
+            ->where('site_id', $site2->id)
+            ->value('payload');
+
+        expect(json_decode($setting1))->toBeFalse()
+            ->and(json_decode($setting2))->toBeTrue();
+    });
+
+    it('allows different sites to have different access control settings', function () {
+        $siteModel = config('eclipse-frontend.tenancy.model');
+        $site1 = $siteModel::where('domain', 'singa.lndo.site')->first();
+        $site2 = $siteModel::factory()->create(['domain' => 'site2.test']);
+
+        setSetting($site1->id, 'enable_logins', true);
+        setSetting($site1->id, 'allow_registration', false);
+
+        setSetting($site2->id, 'enable_logins', false);
+        setSetting($site2->id, 'allow_registration', true);
+
+        $logins1 = json_decode(DB::table('settings')
+            ->where('site_id', $site1->id)
+            ->where('name', 'enable_logins')
+            ->value('payload'));
+
+        $registration1 = json_decode(DB::table('settings')
+            ->where('site_id', $site1->id)
+            ->where('name', 'allow_registration')
+            ->value('payload'));
+
+        $logins2 = json_decode(DB::table('settings')
+            ->where('site_id', $site2->id)
+            ->where('name', 'enable_logins')
+            ->value('payload'));
+
+        $registration2 = json_decode(DB::table('settings')
+            ->where('site_id', $site2->id)
+            ->where('name', 'allow_registration')
+            ->value('payload'));
+
+        expect($logins1)->toBeTrue()
+            ->and($registration1)->toBeFalse()
+            ->and($logins2)->toBeFalse()
+            ->and($registration2)->toBeTrue();
+    });
+
+    it('updates existing settings', function () {
+        $siteModel = config('eclipse-frontend.tenancy.model');
+        $site = $siteModel::where('domain', 'singa.lndo.site')->first();
+
+        setSetting($site->id, 'guest_access', true);
+        $first = json_decode(DB::table('settings')
+            ->where('site_id', $site->id)
+            ->where('name', 'guest_access')
+            ->value('payload'));
+
+        setSetting($site->id, 'guest_access', false);
+        $second = json_decode(DB::table('settings')
+            ->where('site_id', $site->id)
+            ->where('name', 'guest_access')
+            ->value('payload'));
+
+        expect($first)->toBeTrue()
+            ->and($second)->toBeFalse();
+    });
+});