Home >PHP Framework >Laravel >How to Implement Custom Middleware and Filters in Laravel Applications?
Implementing Custom Middleware:
Laravel's middleware provides a powerful mechanism for filtering HTTP requests entering your application. Creating custom middleware allows you to inject your own logic into the request lifecycle. Here's a step-by-step guide:
php artisan make:middleware CheckAge
. This creates a new middleware file in app/Http/Middleware/CheckAge.php
.handle
method of your middleware, you'll place your custom logic. This method receives a request ($request
) and a closure ($next
). The closure represents the next middleware or the route handler. Example:<code class="php"><?php namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; class CheckAge { /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse */ public function handle(Request $request, Closure $next) { if ($request->age </code>
app/Http/Kernel.php
. Add it to the $routeMiddleware
array:<code class="php">protected $routeMiddleware = [ // ... other middleware ... 'checkage' => \App\Http\Middleware\CheckAge::class, ];</code>
routes/web.php
or routes/api.php
file:<code class="php">Route::get('/profile', [ProfileController::class, 'show'])->middleware('checkage');</code>
Implementing Custom Filters (Note: Laravel's terminology generally uses "middleware" instead of "filters"):
While Laravel doesn't explicitly use the term "filter" in the same way as some older frameworks, middleware effectively serves the same purpose. The code example above demonstrates a filter-like behavior by checking the age and redirecting if the condition isn't met. The handle
method within the middleware acts as the filter function.
handle
method. This improves testability and maintainability.Laravel provides built-in middleware for authentication (auth
) and authorization (auth.basic
, can
, etc.). You can use these directly or create custom middleware to extend or customize authentication/authorization logic.
Example using built-in middleware:
<code class="php">Route::get('/profile', [ProfileController::class, 'show'])->middleware('auth'); //Requires authentication Route::get('/admin', [AdminController::class, 'index'])->middleware('auth', 'admin'); //Requires authentication and admin role (assuming you have an 'admin' middleware defined) </code>
Example of custom authorization middleware:
<code class="php"><?php namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; class CheckAdmin { public function handle(Request $request, Closure $next) { if (Auth::check() && Auth::user()->isAdmin()) { return $next($request); } abort(403, 'Unauthorized'); // Return 403 Forbidden if not an admin } }</code>
Remember to register this CheckAdmin
middleware in your app/Http/Kernel.php
file.
try...catch
blocks to gracefully manage errors.$routeMiddleware
array of app/Http/Kernel.php
. A common mistake is forgetting this step, rendering the middleware ineffective.The above is the detailed content of How to Implement Custom Middleware and Filters in Laravel Applications?. For more information, please follow other related articles on the PHP Chinese website!