What are laravel middlewares?

Middleware includes: 1. Authenticate; 2. CheckForMaintenanceMode; 3. EncryptCookies; 4. RedirectIfAuthenticated; 5. TrimStrings; 6. TrustProxies and so on.

The operating environment of this tutorial: Windows 7 system, Laravel 6 version, Dell G3 computer.

Laravel’s own middleware

Laravel comes with some middleware, including authentication, CSRF protection, etc. Which middleware is specifically enabled by Laravel can be viewed through the app\Http\Kernel.php file. For middleware starting with \App\Http\Middleware\ (located in the app/Http/Middleware directory), we can customize the behavior of the middleware.

Authenticate middleware

Source file: app\Http\Middleware\Http\Middleware\Authenticate.php

<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
class Authenticate extends Middleware
{
    /**
     * Get the path the user should be redirected to when they are not authenticated.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return string
     */
    protected function redirectTo($request)
    {
        if (! $request->expectsJson()) {
            return route(&#39;login&#39;);
        }
    }
}

Function:

User authentication. The redirectTo method can be modified to return the path to which unauthenticated users should be redirected.

CheckForMaintenanceMode middleware

Source file: app\Http\Middleware\CheckForMaintenanceMode.php

<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode as Middleware;
class CheckForMaintenanceMode extends Middleware
{
    /**
     * The URIs that should be reachable while maintenance mode is enabled.
     *
     * @var array
     */
    protected $except = [
        //
    ];
}

Function:

Detect whether the project is in maintenance mode. The URLs that can still be accessed in maintenance mode can be set via the $except array property.

EncryptCookies middleware

Source file: app\Http\Middleware\EncryptCookies.php

<?php
namespace App\Http\Middleware;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
class EncryptCookies extends Middleware
{
    /**
     * The names of the cookies that should not be encrypted.
     *
     * @var array
     */
    protected $except = [
        //
    ];
}

Function

Encrypt, decrypt and verify cookies. Cookies that are not encrypted can be set via the $except array attribute.

RedirectIfAuthenticated middleware

Source file: app\Http\Middleware\RedirectIfAuthenticated.php

<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class RedirectIfAuthenticated
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string|null  $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = null)
    {
        if (Auth::guard($guard)->check()) {
            return redirect(&#39;/home&#39;);
        }
        return $next($request);
    }
}

Function:

When the request page is for registration, login, or forgotten password, check whether the user has logged in. If so, redirect to the home page. If not, open the corresponding interface. The path to redirect can be customized in the handle method.

TrimStrings middleware

Source file: app\Http\Middleware\TrimStrings.php

<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
class TrimStrings extends Middleware
{
    /**
     * The names of the attributes that should not be trimmed.
     *
     * @var array
     */
    protected $except = [
        &#39;password&#39;,
        &#39;password_confirmation&#39;,
    ];
}

Function:

Clean the whitespace characters before and after the request parameter content. Parameters that are not processed can be set through the $except array property.

TrustProxies middleware

Source file: app\Http\Middleware\TrustProxies.php

<?php
namespace App\Http\Middleware;
use Illuminate\Http\Request;
use Fideloper\Proxy\TrustProxies as Middleware;
class TrustProxies extends Middleware
{
    /**
     * The trusted proxies for this application.
     *
     * @var array|string
     */
    protected $proxies;
    /**
     * The headers that should be used to detect proxies.
     *
     * @var int
     */
    protected $headers = Request::HEADER_X_FORWARDED_ALL;
}

Function:

Configure trusted proxy. The list of trusted proxies can be set via the $proxies property, and the $headers property sets the HTTP header fields used to detect proxies.

VerifyCsrfToken middleware

Source file: app\Http\Middleware\VerifyCsrfToken.php

<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
    /**
     * Indicates whether the XSRF-TOKEN cookie should be set on the response.
     *
     * @var bool
     */
    protected $addHttpCookie = true;
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        //
    ];
}

Function:

Verify that the token in the request matches the token stored in the session. URLs that do not perform CSRF verification can be set through the $except array attribute.

Related recommendations: The latest five Laravel video tutorials

The above is the detailed content of What are laravel middlewares?. For more information, please follow other related articles on the PHP Chinese website!