Middleware in Laravel: A Comprehensive Guide

Middleware in Laravel

Introduction to Middleware

Middleware acts as a bridge between the web server and the application, allowing developers to filter and modify the HTTP requests and responses. It provides a flexible way to handle tasks such as authentication, authorization, logging, form validation, and more. Laravel’s middleware feature simplifies the implementation of these tasks and promotes code reusability.

Understanding Middleware in Laravel

In Laravel, middleware is defined as a class that receives an HTTP request and performs some operations before passing the request to the next middleware or the application’s route handler. Middleware in Laravel can modify the request, validate data, authenticate users, and perform other necessary tasks. It allows developers to intercept requests at various stages of the application’s lifecycle.

Creating Custom Middleware

Developers can create their custom middleware in Laravel by using the make:middleware Artisan command. This command generates a new middleware class with a handle method that defines the logic to be executed. Custom middleware can be used to implement application-specific requirements and can be applied to individual routes or groups of routes.

Registering Middleware in Laravel

To make middleware available for use in Laravel, it needs to be registered in the app/Http/Kernel.php file. The kernel’s middleware property contains an array of middleware classes that are included in the HTTP request lifecycle. Developers can add their custom middleware to this array to make it accessible throughout the application.

Middleware Parameters

Middleware in Laravel can accept parameters, allowing developers to customize their behavior based on specific requirements. By passing parameters to middleware, developers can make it more flexible and reusable. These parameters can be passed when applying middleware to routes or through middleware groups.

Middleware Groups

Laravel allows developers to group multiple middleware classes into a single group. This simplifies the application of multiple middleware to routes. By defining middleware groups, developers can avoid repetitive declaration of middleware on each route and enhance code maintainability.

Applying Middleware to Routes

Middleware can be applied to individual routes or groups of routes in Laravel. Developers can specify middleware directly in route definitions or use middleware groups for a more organized approach. This flexibility allows developers to control the flow of requests and enforce specific behavior on particular routes.

Global Middleware

Global middleware in Laravel is executed on every HTTP request that enters the application. These middleware classes are registered in the $middleware property of the kernel. Global middleware is suitable for tasks such as session handling, logging, and cross-site request forgery (CSRF) protection.

Terminable Middleware

Terminable middleware in Laravel performs actions after the response has been sent to the client. These middleware classes have a terminate method that is called when the response is ready to be sent. Terminable middleware can be used for tasks that need to be executed after the request is handled, such as logging or clearing the application’s cache.

Middleware Security Measures

Middleware in Laravel plays a vital role in implementing security measures for web applications. Developers can use middleware to enforce authentication, authorization, and protection against common security vulnerabilities. By applying middleware to specific routes or groups, developers can ensure that only authorized users have access to sensitive parts of the application.

Creating a Laravel Project

To get started with Laravel, we need to create a new project. Follow these steps to create a Laravel project:

  1. Install Laravel globally on your system by running the following command:
composer global require laravel/installer
  1. Create a new Laravel project using the following command:
laravel new project-name
  1. Change to the project directory:
cd project-name

Creating a Table

Once you have set up your Laravel project, you can create database tables using Laravel’s migration feature. Here’s how you can create a table:

  1. Create a new migration file using the following command:
php artisan make:migration create_users_table --create=users
  1. Open the generated migration file located in the database/migrations directory.
  2. Define the table schema inside the up method using Laravel’s schema builder. For example:

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

return new class extends Migration
     * Run the migrations.
    public function up()
        Schema::create('users', function (Blueprint $table) {
            $table->string('role')->default('user'); // Add role column with a default value of 'user'

     * Reverse the migrations.
    public function down(): void
  1. Save the migration file and run the migration using the following command:
php artisan migrate
  1. Adding role in to the users model to check role in middleware.

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;

use Illuminate\Database\Eloquent\Factories\HasFactory;

use Illuminate\Foundation\Auth\User as Authenticatable;

use Illuminate\Notifications\Notifiable;

use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable


    use HasApiTokens, HasFactory, Notifiable;


     * The attributes that are mass assignable.


     * @var array<int, string>


    protected $fillable = [






     * The attributes that should be hidden for serialization.


     * @var array<int, string>


    protected $hidden = [





     * The attributes that should be cast.


     * @var array<string, string>


    protected $casts = [

        'email_verified_at' => 'datetime',

        'password' => 'hashed',


    public function isAdmin()


    return $this->role === 'admin';



Adding Middleware

Middleware in Laravel provides a convenient way to filter HTTP requests entering your application. To add middleware to your Laravel project, follow these steps:

  1. Create a new middleware class using the following command:
php artisan make:middleware RoleMiddleware
  1. Open the generated middleware file located in the app/Http/Middleware directory.
  2. Implement the logic inside the handle method to perform the desired operations on the request. For example:

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class RoleMiddleware

    public function handle($request, Closure $next)
        if ($request->user() && $request->user()->isAdmin()) {
            return $next($request);
        return response('Unauthorized! You are not authorize to access this page.', 401);
  1. Register the middleware in the app/Http/Kernel.php file by adding it to the $middleware or $routeMiddleware array, depending on your requirements.

Creating a Controller

Controllers in Laravel are responsible for handling the logic behind routes. To create a controller, follow these steps:

  1. Create a new controller using the following command:
php artisan make:controller DashboardController
  1. Open the generated controller file located in the app/Http/Controllers directory.
  2. Add the necessary methods and logic inside the controller to handle the route actions. For example:


namespace App\Http\Controllers;

use Illuminate\Http\Request;

class DashboardController extends Controller


    public function  index()


        return view(‘dashboard’);



Defining Routes

In Laravel, routes are defined in the routes/web.php file. Here’s an example of how to define a route with middleware:


use Illuminate\Support\Facades\Route;
use App\Http\Controllers\DashboardController;

| Web Routes
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "web" middleware group. Make something great!

Route::group(['middleware' => 'admin'], function () {
    // Routes that require admin access
    Route::get('/dashboard', [DashboardController::class, 'index']);

// Routes accessible without admin access
Route::get('/', function () {
    return view('welcome');

Route::get('/contact', function () {
    return view('contact');

// Other non-admin routes...

In the above example, the '/dashboard' route is assigned the middleware_name middleware.

Kernel.php Configuration

The app/Http/Kernel.php file is responsible for managing the application’s middleware stack. Here’s an example configuration for adding the Authenticate middleware to the stack:

    protected $middlewareGroups = [
        'web' => [

        'api' => [
            // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
        'admin' => [
            // Other middleware entries specific to admin routes...

Add the Authenticate middleware to the $middleware array to include it in the global middleware stack.

Best Practices for Using Middleware

To make the most out of middleware in Laravel, developers should follow some best practices:

  • Identify the specific tasks that middleware should handle.
  • Create reusable middleware classes for common tasks.
  • Group related middleware using middleware groups.
  • Order middleware appropriately to ensure desired behavior.
  • Avoid excessive or redundant middleware to maintain performance.
  • Regularly review and update middleware to align with changing application requirements.


Laravel middleware is a powerful feature that allows you to filter and modify HTTP requests in your application. In this article, we covered the basics of creating a Laravel project, creating database tables, adding middleware, defining routes, and writing code examples using Laravel middleware. By implementing middleware effectively, you can enhance the security and functionality of your Laravel applications.

FAQs (Frequently Asked Questions)

Q: What is Laravel middleware?
A: Laravel middleware provides a way to filter HTTP requests entering your application and perform actions based on certain conditions.

Q: How do I create a Laravel project?
A: To create a Laravel project, you need to install Laravel globally on your system and use the Laravel CLI to create a new project.

Q: How can I create a database table in Laravel?
A: You can create a database table in Laravel using migrations. Migrations allow you to define the table schema and run the necessary database operations.

Q: Can I add multiple middleware to a route?
A: Yes, you can add multiple middleware to a route by specifying them in the route definition or using middleware groups.

Q: How do I use middleware to handle user authentication?
A: Middleware can be used to restrict access to certain routes based on user authentication. You can define a middleware that checks if the user is authenticated and redirect them if not.

Middleware in Laravel

Our Recommendation

Avatar of Akhand Pratap Singh

Akhand Pratap Singh

Greetings and a warm welcome to my website! I am Akhand Pratap Singh, a dedicated professional web developer and passionate blogger.

Related Post

Leave a Comment


Subscribe for latest updates

We don't spam.