Using A Middleware | Laravel-permission - Spatie
Maybe your like
##Default Middleware
For checking against a single permission (see Best Practices) using can, you can use the built-in Laravel middleware provided by \Illuminate\Auth\Middleware\Authorize::class like this:
Route::group(['middleware' => ['can:publish articles']], function () { // });##Package Middleware
This package comes with RoleMiddleware, PermissionMiddleware and RoleOrPermissionMiddleware middleware. You can add them inside your app/Http/Kernel.php file.
Note the differences between Laravel 10 and older versions of Laravel is the name of the protected property:
##Laravel 9 (and older)
protected $routeMiddleware = [ // ... 'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class, 'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class, 'role_or_permission' => \Spatie\Permission\Middlewares\RoleOrPermissionMiddleware::class, ];##Laravel 10
protected $middlewareAliases = [ // ... 'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class, 'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class, 'role_or_permission' => \Spatie\Permission\Middlewares\RoleOrPermissionMiddleware::class, ];See a typo? You are reading older v5 documentation. Note that since v6 the 'Middleware' namespace is singular. Prior to v6 it was 'Middlewares'. If you are still using 'Middlewares' (plural), it is time to upgrade your app to the latest version of this package!
YOU SHOULD ALSO set the $middlewarePriority array to include this package's middleware before the SubstituteBindings middleware, else you may get 404 Not Found responses when a 403 Not Authorized response might be expected.
##Middleware via Routes
Then you can protect your routes using middleware rules:
Route::group(['middleware' => ['role:super-admin']], function () { // }); Route::group(['middleware' => ['permission:publish articles']], function () { // }); Route::group(['middleware' => ['role:super-admin','permission:publish articles']], function () { // }); Route::group(['middleware' => ['role_or_permission:publish articles']], function () { // });You can specify multiple roles or permissions with a | (pipe) character, which is treated as OR:
Route::group(['middleware' => ['role:super-admin|writer']], function () { // }); Route::group(['middleware' => ['permission:publish articles|edit articles']], function () { // }); Route::group(['middleware' => ['role_or_permission:super-admin|edit articles']], function () { // });##Middleware with Controllers
You can protect your controllers similarly, by setting desired middleware in the constructor:
public function __construct() { $this->middleware(['role:super-admin','permission:publish articles|edit articles']); } public function __construct() { $this->middleware(['role_or_permission:super-admin|edit articles']); }(You can use Laravel's Model Policy feature with your controller methods. See the Model Policies section of these docs.)
Tag » How To Add New Method To Middleware Laravel
-
Middleware - Laravel - The PHP Framework For Web Artisans
-
Laravel Adding Middleware Inside A Controller Function
-
How Controllers And Middleware Work In Laravel - Cloudways
-
Laravel Middleware: Step By Step Complete Guide - AppDividend
-
How To Create Configure And Use Laravel Custom Middleware In ...
-
Laravel - Middleware - Tutorialspoint
-
How To Add Middleware To Only Method In Laravel Code Example
-
Middleware - Laravel Guide - Read The Docs
-
Laravel: Making Middleware Understandable | By Italo Baeza Cabrera
-
Middleware | Laravel Package Development
-
Create Custom Middleware In Laravel 8 - Readerstacks
-
Apply Middleware For Certain Methods - Laracasts
-
Auth Middleware Inside Custom Method In Controller Not Working
-
Programmatically Adding Middleware To Laravel | Scout APM Blog