Level 24
@ookma-kyi If you don't want the column in the table, just delete it
or you can use
->visible(fn () => )
1 like
Jul 24, 2024
3
Level 1
Opnion on sensitive fields in the user table of admin panel
I just ran php artisan make:filament-resource User --generate and got a nice panel for the user model. However it includes some fields which I consider can be abused by moderators and admins such as Password, Two factor secret, Two factor recovery codes and Two factor confirmed at. I am looking for an opinion on if these fields are a security risk or I am just being overly cautious.
Level 75
I would not show such data. How would you even show a password anyway since it should be hashed with at least bcrypt.
1 like
Level 80
@ookma-kyi Yes, you should be explicitly controlling what fields are displayed and editable instead of just blindly generating resources, and letting all fields be editable.
1 like
Please or to participate in this conversation.