A Practical Look at Laravel Middleware

Vitalii Shloda
3 min readJul 10, 2023

--

As modern web development practices shift towards a more component-based architecture, having a firm grasp on aspects such as Middleware is crucial. Laravel, one of the most popular PHP frameworks, leverages Middleware to filter HTTP requests to your application. This article aims to provide a practical understanding of Laravel Middleware, using Laravel 10, enriched with code examples.

What is Middleware?

In Laravel, Middleware is a mechanism that provides a convenient way to filter HTTP requests entering your application. They are a series of “layers” HTTP requests that must pass through before hitting your application. Each layer can examine the request and even reject it. Common use cases include authentication checks, CSRF protection, and logging.

Defining a Middleware

Middleware in Laravel is typically stored in the app/Http/Middleware directory. Each middleware is a class with a handle the method that accepts a $request and a $next callback representing the next middleware in the chain.

Let’s define a simple middleware that validates whether a user is an admin. Create a new middleware using the make:middleware artisan command:

php artisan make:middleware IsAdmin

This command will create a new middleware class in the app/Http/Middleware directory. Open IsAdmin.php and update the handle the method is as follows:

public function handle(Request $request, Closure $next)
{
if (! $request->user()->isAdmin()) {
// If user is not an admin, redirect to home page
return redirect('home');
}

return $next($request);
}

Registering Middleware

Before using our middleware, we need to register it within our application. Laravel provides two places to register middleware: in the $middleware property of your app/Http/Kernel.php file, or in the $routeMiddleware property.

For global middleware that should run on every HTTP request to your application, add the middleware class to the $middleware property.

For middleware that will be assigned to specific routes, add the middleware class to the $routeMiddleware property. This array is used to give a short, handle-like name to your middleware. Let's add our IsAdmin middleware:

protected $routeMiddleware = [
...
'isAdmin' => \App\Http\Middleware\IsAdmin::class,
...
];

Assigning Middleware to Routes

Now that our IsAdmin middleware is defined and registered, we can assign it to routes. Here's an example of how to assign middleware to a route in your routes/web.php file:

Route::get('/admin/dashboard', function () {
// Your admin dashboard logic
})->middleware('isAdmin');

In this example, when a user attempts to access /admin/dashboard, the IsAdmin middleware will run first. If the user is an admin, they'll be allowed to proceed. If they're not an admin, they'll be redirected to the home page.

Conclusion

In this article, we’ve explored Laravel Middleware’s practical aspects, learned how to define, register, and assign middleware to routes. Middleware is a powerful feature in Laravel that can be leveraged to handle various aspects of HTTP requests efficiently. By mastering middleware, you’ll make your Laravel applications more modular, flexible, and secure. As always, happy coding!

--

--

Vitalii Shloda
Vitalii Shloda

Written by Vitalii Shloda

Software Engineer. I write about backend, data and other amazing stuff