Skip to main content
Version: 9.x

Middlewares

Definition#

Middleware provide a convenient mechanism for filtering HTTP requests entering your application. More about them here.

You can enable and disable Middlewares as you wish.

Principles#

  • There are two types of Middlewares, General (applied on all the Routes by default) and Endpoints Middlewares (applied on some Endpoints).

  • The Middlewares CAN be placed in Ship layer or Container layer depending on its roles.

Rules#

  • If a Middleware is written inside a Container it MUST be registered inside that Container.

  • To register Middlewares in a Container the container needs to have a MiddlewareServiceProvider, and like all other Container Providers it MUST be registered in the MainServiceProvider of that Container.

  • General Middlewares (like some default Laravel Middlewares) SHOULD live in the Ship layer app/Ship/Middlewares/* and are registered in the Ship Main Provider.

  • Third Party packages Middleware CAN be registered in Containers or on the Ship layer (wherever they make more sense). Example: the jwt.auth middleware "provided by the JWT package" is registered in the Authentication Container (Containers/Authentication/Providers/MiddlewareServiceProvider.php).

Folder Structure#

- App
- Containers
- {container-name}
- Middlewares
- WebAuthentication.php
- Ship
- Middleware
- Http
- EncryptCookies.php
- VerifyCsrfToken.php

Code Sample#

Middleware Example:

<?php
namespace App\Containers\Authentication\Middlewares;
use App\Ship\Engine\Butlers\Facades\ContainersButler;
use App\Ship\Parents\Middlewares\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Http\Request;
/**
* Class WebAuthentication
*
* @author Mahmoud Zalt <[email protected]>
*/
class WebAuthentication extends Middleware
{
protected $auth;
public function __construct(Guard $auth)
{
$this->auth = $auth;
}
public function handle(Request $request, Closure $next)
{
if ($this->auth->guest()) {
return response()->view(ContainersButler::getLoginWebPageName(), [
'errorMessage' => 'Credentials Incorrect.'
]);
}
return $next($request);
}
}

Middleware registration inside the Container Example:

<?php
namespace App\Containers\Authentication\Providers;
use App\Containers\Authentication\Middlewares\WebAuthentication;
use App\Ship\Parents\Providers\MiddlewareProvider;
use Tymon\JWTAuth\Middleware\GetUserFromToken;
use Tymon\JWTAuth\Middleware\RefreshToken;
class MiddlewareServiceProvider extends MiddlewareProvider
{
protected $middleware = [
];
protected $middlewareGroups = [
'web' => [
],
'api' => [
],
];
protected $routeMiddleware = [
'jwt.auth' => GetUserFromToken::class,
'jwt.refresh' => RefreshToken::class,
'auth:web' => WebAuthentication::class,
];
public function boot()
{
$this->loadContainersInternalMiddlewares();
}
public function register()
{
}
}

Middleware registration inside the Ship layer (HTTP Kernel) Example:

<?php
namespace App\Ship\Kernels;
use App\Ship\Middlewares\Http\ProcessETagHeadersMiddleware;
use App\Ship\Middlewares\Http\ProfilerMiddleware;
use App\Ship\Middlewares\Http\ValidateJsonContent;
use Illuminate\Foundation\Http\Kernel as LaravelHttpKernel;
/**
* Class HttpKernel
*
* A.K.A (app/Http/Kernel.php)
*
* @author Mahmoud Zalt <[email protected]>
*/
class HttpKernel extends LaravelHttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
// Laravel middleware's
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Ship\Middlewares\Http\TrimStrings::class,
\App\Ship\Middlewares\Http\TrustProxies::class,
// CORS package middleware
\Barryvdh\Cors\HandleCors::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Ship\Middlewares\Http\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Ship\Middlewares\Http\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
ValidateJsonContent::class,
'bindings',
ProcessETagHeadersMiddleware::class,
ProfilerMiddleware::class,
// The throttle Middleware is registered by the RoutesLoaderTrait in the Core
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
];
}
Last updated on by Moslem Deris