Global and Route Middleware in Laravel
Laravel Middleware provide a filter as well as it act as interface or Middle-Man between HTTP request and response which access the application. Middleware is a way to filter all the bad or Forgery request which try to access your Application.
Laravel Middleware Type
- Global Middleware
- Route Middleware
Before using any middleware you have to register in Kernal.php. Go to App\Http laravel project Directory, There Kernel.php file is there which have all the Global, Route middleware configure by default for you. If you want to use your custom Middleware you must register that in any one below category.
Global Middleware act on each HTTP Request which try to access the application. By default, Some Middleware is declared as Global in Kernal.php file. See the code below,
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, \App\Http\Middleware\TrustProxies::class,
];
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, \App\Http\Middleware\TrustProxies::class,
];
Route Middleware will act on specified HTTP Request which access the Application.
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
Route Group Middleware is another categories where sometime you need to apply the middleware on group of route. At that time you must have to register your Middleware in Kernal.php. See the below code of Kernal.php
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [ \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \App\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class, ], 'api' => [ 'throttle:60,1', 'bindings', ], ];
'web' => [ \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \App\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class, ], 'api' => [ 'throttle:60,1', 'bindings', ], ];
How to Create Middleware in Laravel
You can create your own custom Middleware for your usage. Below is Artisan Command for creating middleware.
php artisan make:middleware MiddlewareName
Lets Create one Custom Middleware named with MyCustomMiddleware
php artisan make:middleware MyCustomMiddleware
Below is the code sample by default in MyCustomMiddleware
class MyCustomMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
return $next($request);
}
}
Once the custom Middleware is created we must register in the Kernnal.php in App\Http\ Project directory.
Register Custom-Middleware as Global
Register MyCustomMiddleware as a Global Middleware in kernal.php file and you can use that on route. Below code is the Example to register as global.
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, \App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\MyCustomMiddleware::class,
];
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, \App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\MyCustomMiddleware::class,
];
In the above Global Middleware we have declare our MyCustomMiddleware, Now each HTTP request which will try to access the Application, will be passed and verified through this middleware. When we register our Middleware ware as a global in Kernal.php, Each HTTP Request will be filtered with this Global Middleware.
Register Custom-Middleware as Route Specific
Register MyCustomMiddleware in Kernal.php as a route specific middleware.
/**
* The application's route Specific middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'myCustom' => \App\Http\Middleware\MyCustomMiddleware::class,
];
'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'myCustom' => \App\Http\Middleware\MyCustomMiddleware::class,
];
Route specific Middleware will be applied on Specific route. So each HTTP request made on the specific route will be filtered and access to the application.
Register Custom-Middleware as Route Group Specific
Register Group Specific Route middleware in kernal.php. This we can apply on group of route like admin section Route or etc.
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [ \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \App\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\MyCustomMiddleware::class,
], 'api' => [ 'throttle:60,1', 'bindings', ], ];
'web' => [ \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \App\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\MyCustomMiddleware::class,
], 'api' => [ 'throttle:60,1', 'bindings', ], ];
Apply Middleware on Laravel Route file
In Laravel middleware act on the HTTP Request, and the HTTP Request is made through route. So after registering the Middleware in Kernel.php, now we will see how to apply the custom-middleware on route.
/* Below Example is the Example of Route Specific Middleware Declaration */
Route::get('/', function () { return view('welcome'); })->middleware('myCustom');
/* Group Route Specific Middleware Example */ Route::group(['prefix' => 'admin' , 'middleware' =>['web']], function () { Route::get('user-login','UserController@userLogin'); Route::post('user-verify','UserController@userVerify');
});
Route::get('/', function () { return view('welcome'); })->middleware('myCustom');
/* Group Route Specific Middleware Example */ Route::group(['prefix' => 'admin' , 'middleware' =>['web']], function () { Route::get('user-login','UserController@userLogin'); Route::post('user-verify','UserController@userVerify');
});