Securing Your Laravel App: A Guide to Using Middleware in Routes
Middleware is a very important functionality to understand in terms of development. In Laravel, you will have to use middleware occasionally in many cases. Today we will see how we can apply middleware for protection of Laravel routes.
Middleware works like a bridge between request and controller. It can inspect every request, where we can add logics to validate our request before proceeding to controller. Fox example, authenticating a user before logging in, user will put credentials with the request, we can check and validate if the credentials of the user are correct. if not, we can return user back with error message from a there. You can imagine it like a guard in the gate of your application, who is checking always every data getting in.
Lets Jump In
In laravel its very simple to create middleware. There are different ways that we can implement middleware for our convenience, for example in route or controller.
Lets imagine, we want to check a user's age over 18 or not, before accessing our application. Lets assume, user has to pass age value in request. We can perform this validation in a middleware like this:
1. Create a middleware with this command
php artisan make:middleware CheckAge
This will create a middleware under app/Http/Middleware directory.
2. Open the file and please add the code like below:
<?php
namespace App\Http\Middleware;
use Closure;
class CheckAge
{
public function handle($request, Closure $next)
{
if (!$request->age || $request->age < 18) {
return redirect('home');
}
return $next($request);
}
}
Please note: here we checking if the user has passed any age value with the request or his age is over 18 or not. If not, we are redirecting him back to home.
3. Now lets open the kernel.php under app/Http/Kernel.php, Here you will find $routeMiddleware where you should add the newly created middleware like this:
protected $routeMiddleware = [
// Other middleware entries...
'check.age' => \App\Http\Middleware\CheckAge::class,
];
4. Lets apply the middleware for a request. In routes/web.php file, lets add a middleware group and put the routes under it for which you want to perform age verification:
Route::middleware(['check.age'])->group(function () {
Route::get('profile', function () {
// Only accessible if age >= 18
});
});
What if I want to add middlware to a single route?
You might also want to add middleware to specific routes. For that, we can apply middleware like this:
use App\Http\Middleware\CheckAge;
Route::get('profile', function () {
// Route logic here
})->middleware(CheckAge::class);
What if I have a resource route?
If you have a resource route, you can apply the middleware like this:
use App\Http\Controllers\YourController;
Route::middleware(['check.age'])->resource('your-resource', YourController::class);
Using middleware in Laravel is very handy and beneficial for laravel applications. It helps to keep our controllers look slim and get rid of extra codings.
Hope you have found this article useful. Please let me know your thoughts in the comments or give a love to this article.
Wish you a happy day.
Comments