In this article, we'll see how to customize default middleware in laravel 11.
In Laravel 11, there's been a notable change regarding middleware registration. The traditional approach of defining middleware directly in the Kernel.php file has been removed.
You can no longer register middleware there. Instead, in Laravel 11, you'll need to register and customize middleware in the app.php file.
So, let's see how to customize default middleware in laravel 11, laravel 11 middleware, and laravel custom middleware.
Laravel 11 Define New Middleware
We'll utilize the alias() method to define a new middleware within the "bootstrap/app.php" file.
bootstrap/app.php
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->alias([
'isAdmin' => \App\Http\Middleware\IsAdmin::class,
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Laravel 11 Remove Default Middleware
We will utilize the remove() method to eliminate the default middleware already present in the "bootstrap/app.php" file.
bootstrap/app.php
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
// Using a string
$middleware->remove(\Illuminate\Http\Middleware\ValidatePostSize::class);
// Or removing multiple default middleware
$middleware->remove([
\Illuminate\Http\Middleware\TrustProxies::class,
\Illuminate\Http\Middleware\HandleCors::class,
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Laravel 11 Update Where Users and Guests Are Redirected
We'll utilize the redirectTo() method in the "bootstrap/app.php" file to specify the redirection destination for both users and guests.
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->redirectTo(
guests: '/admin/login',
users: '/dashboard'
);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Laravel 11 Excludes Cookies from being Encrypted
We will utilize the encryptCookies() method to specify which cookies should not be encrypted in the URL.
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->encryptCookies(except: [
'abc',
'test',
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Laravel 11 Exclude Routes from CSRF Protection
We will utilize the validateCsrfTokens() method to exempt certain routes from CSRF (Cross-Site Request Forgery) protection.
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->validateCsrfTokens(except: [
'/stripe/*',
'/stripe/callback',
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Laravel 11 Exclude Routes from URL Signature Validation
We'll utilize the validateSignatures() method to exempt certain routes from URL signature validation.
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->validateSignatures(except: [
'/api/*',
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Laravel 11 Prevent Converting Empty Strings in Requests
We'll employ the convertEmptyStringsToNull() method to avoid converting empty strings within requests.
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->convertEmptyStringsToNull(except: [
fn ($request) => $request->path() === 'admin/dashboard',
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Laravel 11 Prevent String Trimming in Requests
We'll utilize the trimStrings() method to prevent string trimming in requests.
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->trimStrings(except: [
'/test',
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
You might also like:
Top comments (0)