Laravel Middleware 中間件筆記

Laravel的中間件能夠方便的過濾進入咱們網頁的請求。包括用戶受權，CORS來指定流出請求的header等。

定義一個新的中間件能夠使用命令：

php artisan make:middleware AgeMiddleware

這條命令在app/Http/Middleware中建立AgeMiddleware類。

咱們假設咱們過濾全部年齡小於200的請求：

<?php

namespace App\Http\Middleware;

use Closure;

class AgeMiddleware
{
    /**
     * Run the request filter.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($request->input('age') <= 200) {
            return redirect('home');
        }

        return $next($request);
    }

}

經過調用$next回調函數就能夠將請求往下傳遞。

Middleware的過濾不侷限於請求到達，當請求處理完畢後，也能夠經由Middleware處理過濾：

<?php

namespace App\Http\Middleware;

use Closure;

class BeforeMiddleware
{
    public function handle($request, Closure $next)
    {
        // Perform action

        return $next($request);
    }
}

<?php

namespace App\Http\Middleware;

use Closure;

class AfterMiddleware
{
    public function handle($request, Closure $next)
    {
        $response = $next($request);

        // Perform action

        return $response;
    }
}

 

若是須要你的middleware可以過濾所有Http請求，只須要在app/Http/Kernel.php的$middleware中列出便可。

若是須要將middleware指定給特定的route，首先須要在app/Http/Kernel.php中的$routeMiddleware裏聲明一個簡單的key：

protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];

聲明後便可在route裏使用，route還能夠同時指定多個middleware：

Route::get('admin/profile', ['middleware' => 'auth', function () {
    //
}]);

Route::get('/', ['middleware' => ['first', 'second'], function () {
    //
}]);

也能夠經過方法指定：

Route::get('/', function () {
    //
})->middleware(['first', 'second']);

咱們也能夠將多個Middleware Group在app/Http/Kernel.php中聲明成爲一個Middleware，如咱們熟知的web和api Middleware：

protected $middlewareGroups = [
    'web' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
    ],

    'api' => [
        'throttle:60,1',
        'auth:api',
    ],
];

Middleware同時也接受傳參，只須要在最後一個變量$next後加入新的參數便可。傳參時須要在route中用:分隔Middleware和參數：

<?php

namespace App\Http\Middleware;

use Closure;

class RoleMiddleware
{
    /**
     * Run the request filter.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string  $role
     * @return mixed
     */
    public function handle($request, Closure $next, $role)
    {
        if (! $request->user()->hasRole($role)) {
            // Redirect...
        }

        return $next($request);
    }

}

Route::put('post/{id}', ['middleware' => 'role:editor', function ($id) {
    //
}]);