Laravel: Custom Middleware is applying on each route

Question

I created a middleware as:

use Closure;
use Gate;
class ACLMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (Gate::denies('access-post')) {
            abort(403,'Not allowed!!!');
        }
        return $next($request);
    }
}

And then define in route as:

Route::get('/', 'HomeController@index');

Route::group(['middleware' => 'auth','acl'], function () {

    Route::resource('post', 'PostController');
   ...

When I run this.. it's applying on all routes, even on /. Why is like that?

Kernel.php

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * @var array
     */
    protected $middleware = [
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
        \App\Http\Middleware\ACLMiddleware::class,
    ];

    /**
     * The application's route middleware.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth'       => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'guest'      => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'acl'        => \App\Http\Middleware\ACLMiddleware::class,
    ];
}

Found the issue, instead of array I set middleware as strings; forgot to add `[]`. Now it works!! — Volatil3, Nov 01 '15 at 12:07

tam5 · Accepted Answer · 2015-11-01T16:18:08.893

3

Your middleware are registered in App\Http\Kernel.php.

The array:

protected $middleware = ['...'];

defines the middleware that should be run on every http request. In your case you need to remove \App\Http\Middleware\ACLMiddleware::class if you don't want it run on every request.

The array:

protected $routeMiddleware = ['...'];

defines the middleware that will only be applied where you specify. This is where your definitions belong.

edited Nov 01 '15 at 16:18

answered Nov 01 '15 at 11:59

tam5

3,197
5
24
45

I removed but now it is not being called on route either. – Volatil3 Nov 01 '15 at 12:03
Do I need to make changes the way I am setting a middleware route? – Volatil3 Nov 01 '15 at 12:04

score 0 · Answer 2 · answered May 18 '17 at 14:03

0

You need to link your middleware with your route using the MW class name like : Route::post('route', 'Controller@index')->middleware(Authorize::class);

answered May 18 '17 at 14:03

Michael Chemani

21
1

Laravel: Custom Middleware is applying on each route

2 Answers2