Laravel Middleware

Middleware filters HTTP requests entering your application. Common uses include authentication, logging, and CORS headers.

1 - Creating Middleware

php artisan make:middleware EnsureUserIsActive

2 - Writing Middleware Logic

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

class EnsureUserIsActive
{
    public function handle(Request $request, Closure $next): Response
    {
        if ($request->user()?->status !== 'active') {
            return redirect('/account-suspended');
        }

        return $next($request);
    }
}

3 - Registering Middleware

// bootstrap/app.php  (Laravel 11+)
->withMiddleware(function (Middleware $middleware) {
    $middleware->alias([
        'active' => \App\Http\Middleware\EnsureUserIsActive::class,
    ]);
})

4 - Applying Middleware to Routes

// Single route
Route::get('/profile', [ProfileController::class, 'show'])->middleware('active');

// Group of routes
Route::middleware(['auth', 'active'])->group(function () {
    Route::get('/dashboard', [DashboardController::class, 'index']);
});

5 - Terminable Middleware

public function terminate(Request $request, Response $response): void
{
    // Runs after the response is sent to the browser
    Log::info('Request completed', ['url' => $request->url()]);
}