Seeing 403's after basic Laravel 9 install

[imacrayon]

Using Laravel 9.34.0 and stock session auth driver.

Installed the package:

"lab404/laravel-impersonate": "^1.7",

Added Impersonate trait to app\User.php:

use HasFactory, Notifiable, Impersonate;

Added the route helper at the top of routes/web.php:

Route::impersonate();

Navigating to /impersonate/take/2 displays the "403 | Forbidden" error page.
Navigating to / shows I am impersonating user 2 as expected.
Navigating to /impersonate/leave again displays the "403 | Forbidden" error page.
Navigating to / shows I am logged in as the original user again.

Any idea why the impersonate routes are not redirecting and instead returning a 403?

[warmwhisky]

Same here. Did you find a solution?

[warmwhisky]

I was trying to login as my self as I was the only user. When I added another user it worked.

But I ran into strange behavior where sometimes it would work and other times it would just take me to the login screen when I tried to impersonate or leave impersonation.

I have my own solution to login in and I could only get the login link to work when pasting it into an incognito window. I also put a unique hash on my solution so ids cannot be guessed.

I like the idea of this package being able to login and out of another user, but from taking a look at the issues there seems to be a few unresolved issues regarding being taken to the login screen when trying to impersonate which is exactly what I experience both with this package and my own custom solution.

[tonypartridger]

You should not login as yourself as that just causes confusion, create another user and test that.

…

________________________________ From: Ben Taylor ***@***.***> Sent: Tuesday, February 7, 2023 7:37:51 AM To: 404labfr/laravel-impersonate ***@***.***> Cc: Subscribed ***@***.***> Subject: Re: [404labfr/laravel-impersonate] Seeing 403's after basic Laravel 9 install (Issue #170) I was trying to login as my self as I was the only user. When I added another user it worked. But I ran into strange behavior where sometimes it would work and other times it would just take me to the login screen when I tried to impersonate or leave impersonation. I have my own solution to login in and I could only get the login link to work when pasting it into an incognito window. I also put a unique hash on my solution so ids cannot be guessed. I like the idea of this package being able to login and out of another user, but from taking a look at the issues there seems to be a few unresolved issues regarding being taken to the login screen when trying to impersonate which is exactly what I experience both with this package and my own custom solution. — Reply to this email directly, view it on GitHub<#170 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AYSFUJMCGXRD4XQVQYY4PITWWH3U7ANCNFSM6AAAAAAQ554DWA>. You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[warmwhisky]

You should not login as yourself as that just causes confusion, create another user and test that.

As I said: I added another user and it worked. Though it is confusing to get a 403 and no other feedback.