Laravel的中间件可以方便的过滤进入我们网页的请求。包括用户授权,CORS来指定流出请求的header等。
定义一个新的中间件可以使用命令:
php artisan make:middleware AgeMiddleware
这条命令在app/Http/Middleware中创建AgeMiddleware类。
我们假设我们过滤所有年龄小于200的请求:
<?php namespace App\Http\Middleware; use Closure; class AgeMiddleware { /** * Run the request filter. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if ($request->input(\'age\') <= 200) { return redirect(\'home\'); } return $next($request); } }
通过调用$next回调函数就可以将请求往下传递。
Middleware的过滤不局限于请求到达,当请求处理完毕后,也可以经由Middleware处理过滤:
<?php namespace App\Http\Middleware; use Closure; class BeforeMiddleware { public function handle($request, Closure $next) { // Perform action return $next($request); } } <?php namespace App\Http\Middleware; use Closure; class AfterMiddleware { public function handle($request, Closure $next) { $response = $next($request); // Perform action return $response; } }
如果需要你的middleware能够过滤全部Http请求,只需要在app/Http/Kernel.php的$middleware中列出即可。
如果需要将middleware指定给特定的route,首先需要在app/Http/Kernel.php中的$routeMiddleware里声明一个简单的key:
protected $routeMiddleware = [ \'auth\' => \App\Http\Middleware\Authenticate::class, \'auth.basic\' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, \'guest\' => \App\Http\Middleware\RedirectIfAuthenticated::class, \'throttle\' => \Illuminate\Routing\Middleware\ThrottleRequests::class, ];
声明后即可在route里使用,route还可以同时指定多个middleware:
Route::get(\'admin/profile\', [\'middleware\' => \'auth\', function () { // }]); Route::get(\'/\', [\'middleware\' => [\'first\', \'second\'], function () { // }]);
也可以通过方法指定:
Route::get(\'/\', function () { // })->middleware([\'first\', \'second\']);
我们也可以将多个Middleware Group在app/Http/Kernel.php中声明成为一个Middleware,如我们熟知的web和api Middleware:
protected $middlewareGroups = [ \'web\' => [ \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \App\Http\Middleware\VerifyCsrfToken::class, ], \'api\' => [ \'throttle:60,1\', \'auth:api\', ], ];
Middleware同时也接受传参,只需要在最后一个变量$next后加入新的参数即可。传参时需要在route中用:分隔Middleware和参数:
<?php namespace App\Http\Middleware; use Closure; class RoleMiddleware { /** * Run the request filter. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param string $role * @return mixed */ public function handle($request, Closure $next, $role) { if (! $request->user()->hasRole($role)) { // Redirect... } return $next($request); } } Route::put(\'post/{id}\', [\'middleware\' => \'role:editor\', function ($id) { // }]);