{"id":2084,"date":"2024-12-09T11:56:07","date_gmt":"2024-12-09T11:56:07","guid":{"rendered":"https:\/\/nirvaat.com\/?p=2084"},"modified":"2024-12-18T11:48:36","modified_gmt":"2024-12-18T11:48:36","slug":"how-to-add-middleware-to-restrict-user-dont-access-any-features-without-login-in-laravel-11","status":"publish","type":"post","link":"https:\/\/nirvaat.com\/blogs\/2024\/12\/how-to-add-middleware-to-restrict-user-dont-access-any-features-without-login-in-laravel-11\/","title":{"rendered":"How to add middleware to restrict user access without login in Laravel 11?"},"content":{"rendered":"\n

I am developing a project in which I have to make sure that the user can access the page only if he is logged in, otherwise he should remain at the login page. For which I am going to use middleware. First of all, I will create a middleware and name it “isLogin<\/strong>“.

command : php artisan make:middleware isLogin<\/mark><\/strong>

After running this command, I will check whether the user-id is set in the session or not, which is set when the user logs in.
<\/p>\n\n\n\n

1. Set user-id in session<\/strong> on login<\/strong><\/h2>\n\n\n\n
<\/span><\/span>
public<\/span> <\/span>function<\/span> <\/span>AdminLoginProccess<\/span>(<\/span>Request<\/span> <\/span>$request<\/span>)<\/span><\/span>\n    <\/span>{<\/span><\/span>\n        <\/span>$credentials<\/span> <\/span>=<\/span> <\/span>$request<\/span>-><\/span>validate<\/span>([<\/span><\/span>\n            <\/span>'<\/span>email<\/span>'<\/span> <\/span>=><\/span> <\/span>'<\/span>required|email<\/span>'<\/span>,<\/span><\/span>\n            <\/span>'<\/span>password<\/span>'<\/span> <\/span>=><\/span> <\/span>'<\/span>required<\/span>'<\/span>,<\/span><\/span>\n        ])<\/span>;<\/span><\/span>\n<\/span>\n        <\/span>$adminUser<\/span> <\/span>=<\/span> AdminAdmin<\/span>:<\/span>:<\/span>where<\/span>(<\/span>'<\/span>email<\/span>'<\/span>,<\/span> <\/span>$credentials<\/span>[<\/span>'<\/span>email<\/span>'<\/span>])<\/span>-><\/span>first<\/span>()<\/span>;<\/span><\/span>\n<\/span>\n        <\/span>if<\/span> (<\/span>$adminUser<\/span>) <\/span>{<\/span><\/span>\n            <\/span>$password<\/span> <\/span>=<\/span> <\/span>$request<\/span>-><\/span>request<\/span>-><\/span>get<\/span>(<\/span>'<\/span>password<\/span>'<\/span>)<\/span>;<\/span><\/span>\n            <\/span>if<\/span> (<\/span>$password<\/span>) <\/span>{<\/span><\/span>\n                <\/span>$request<\/span>-><\/span>session<\/span>()<\/span>-><\/span>put<\/span>(<\/span>'<\/span>isAdmin<\/span>'<\/span>,<\/span> <\/span>$adminUser<\/span>-><\/span>id<\/span>)<\/span>;<\/span><\/span>\n                <\/span>$request<\/span>-><\/span>session<\/span>()<\/span>-><\/span>put<\/span>(<\/span>'<\/span>adminName<\/span>'<\/span>,<\/span> <\/span>$adminUser<\/span>-><\/span>name<\/span>)<\/span>;<\/span><\/span>\n<\/span>\n                <\/span>return<\/span> <\/span>redirect<\/span>()<\/span>-><\/span>route<\/span>(<\/span>'<\/span>admin.dashboard<\/span>'<\/span>)<\/span>;<\/span><\/span>\n            <\/span>}<\/span> <\/span>else<\/span> <\/span>{<\/span><\/span>\n                <\/span>return<\/span> <\/span>back<\/span>()<\/span>-><\/span>with<\/span>(<\/span>'<\/span>error<\/span>'<\/span>,<\/span> <\/span>'<\/span>Invalid Password.<\/span>'<\/span>)<\/span>-><\/span>withInput<\/span>()<\/span>;<\/span><\/span>\n            <\/span>}<\/span><\/span>\n        <\/span>}<\/span> <\/span>else<\/span> <\/span>{<\/span><\/span>\n            <\/span>return<\/span> <\/span>back<\/span>()<\/span>-><\/span>with<\/span>(<\/span>'<\/span>error<\/span>'<\/span>,<\/span> <\/span>'<\/span>Invalid Email.<\/span>'<\/span>)<\/span>-><\/span>withInput<\/span>()<\/span>;<\/span><\/span>\n        <\/span>}<\/span><\/span>\n    <\/span>}<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
2. isLogin Middleware<\/strong><\/h2>\n\n\n\n
<\/span><\/span>
<?<\/span>php<\/span><\/span>\n<\/span>\nnamespace<\/span> <\/span>App<\/span>\\<\/span>Http<\/span>\\<\/span>Middleware<\/span>\\<\/span>Admin<\/span>;<\/span><\/span>\n<\/span>\nuse<\/span> <\/span>Closure<\/span>;<\/span><\/span>\nuse<\/span> <\/span>Illuminate<\/span>\\<\/span>Http<\/span>\\<\/span>Request<\/span>;<\/span><\/span>\nuse<\/span> <\/span>Symfony<\/span>\\<\/span>Component<\/span>\\<\/span>HttpFoundation<\/span>\\<\/span>Response<\/span>;<\/span><\/span>\n<\/span>\nclass<\/span> <\/span>Login<\/span><\/span>\n{<\/span><\/span>\n    <\/span>\/**<\/span><\/span>\n     * Handle an incoming request.<\/span><\/span>\n     *<\/span><\/span>\n     * <\/span>@<\/span>param<\/span>  \\Closure(\\Illuminate\\Http\\Request): (\\Symfony\\Component\\HttpFoundation\\Response)  $next<\/span><\/span>\n     *\/<\/span><\/span>\n    <\/span>public<\/span> <\/span>function<\/span> <\/span>handle<\/span>(<\/span>Request<\/span> <\/span>$request<\/span>,<\/span> <\/span>Closure<\/span> <\/span>$next<\/span>)<\/span>:<\/span> Response<\/span><\/span>\n    <\/span>{<\/span><\/span>\n        <\/span>if<\/span>(<\/span>$request<\/span>-><\/span>session<\/span>()<\/span>-><\/span>has<\/span>(<\/span>'<\/span>isAdmin<\/span>'<\/span>))<\/span>{<\/span><\/span>\n            <\/span>return<\/span> <\/span>$next<\/span>(<\/span>$request<\/span>)<\/span>;<\/span><\/span>\n        <\/span>}<\/span><\/span>\n        <\/span>return<\/span> <\/span>redirect<\/span>()<\/span>-><\/span>route<\/span>(<\/span>'<\/span>admin.login<\/span>'<\/span>)<\/span>;<\/span><\/span>\n    <\/span>}<\/span><\/span>\n}<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
After creating the middleware, it also has to be registered. So in Laravel 11, this has to be done in the app.php file inside the bootstrap folder.<\/p>\n\n\n\n
3. Registering middleware in App.php<\/strong><\/h2>\n\n\n\n
<\/span><\/span>
<?<\/span>php<\/span><\/span>\n<\/span>\nuse<\/span> <\/span>App<\/span>\\<\/span>Http<\/span>\\<\/span>Middleware<\/span>\\<\/span>Admin<\/span>\\<\/span>Login<\/span>;<\/span><\/span>\nuse<\/span> <\/span>Illuminate<\/span>\\<\/span>Foundation<\/span>\\<\/span>Application<\/span>;<\/span><\/span>\nuse<\/span> <\/span>Illuminate<\/span>\\<\/span>Foundation<\/span>\\<\/span>Configuration<\/span>\\<\/span>Exceptions<\/span>;<\/span><\/span>\nuse<\/span> <\/span>Illuminate<\/span>\\<\/span>Foundation<\/span>\\<\/span>Configuration<\/span>\\<\/span>Middleware<\/span>;<\/span><\/span>\n<\/span>\nreturn<\/span> <\/span>Application<\/span>:<\/span>:<\/span>configure<\/span>(<\/span>basePath<\/span>: <\/span>dirname<\/span>(<\/span>__DIR__<\/span>))<\/span><\/span>\n    <\/span>-><\/span>withRouting<\/span>(<\/span><\/span>\n        <\/span>web<\/span>: <\/span>__DIR__<\/span>.<\/span>'<\/span>\/..\/routes\/web.php<\/span>'<\/span>,<\/span><\/span>\n        <\/span>commands<\/span>: <\/span>__DIR__<\/span>.<\/span>'<\/span>\/..\/routes\/console.php<\/span>'<\/span>,<\/span><\/span>\n        <\/span>health<\/span>: <\/span>'<\/span>\/up<\/span>'<\/span>,<\/span><\/span>\n    )<\/span><\/span>\n    <\/span>-><\/span>withMiddleware<\/span>(<\/span>function<\/span> <\/span>(<\/span>Middleware<\/span> <\/span>$middleware<\/span>)<\/span> <\/span>{<\/span><\/span>\n        <\/span>$middleware<\/span>-><\/span>alias<\/span>([<\/span><\/span>\n            <\/span>'<\/span>isAdminLogin<\/span>'<\/span> <\/span>=><\/span> <\/span>Login<\/span>::<\/span>class<\/span><\/span>\n        ]);<\/span><\/span>\n    })<\/span><\/span>\n    <\/span>-><\/span>withExceptions<\/span>(<\/span>function<\/span> <\/span>(<\/span>Exceptions<\/span> <\/span>$exceptions<\/span>)<\/span> <\/span>{<\/span><\/span>\n        <\/span>\/\/<\/span><\/span>\n    <\/span>}<\/span>)<\/span>-><\/span>create<\/span>();<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
Previous versions of Laravel used kernel.php file to register middleware.<\/p>\n\n\n\n
After registering the middleware, we can use it with routes in our wep.php, which will check all the routes whether the user-id is set in the session or not.<\/p>\n\n\n\n
4. Use in routes<\/strong><\/h2>\n\n\n\n
<\/span><\/span>
Route<\/span>:<\/span>:<\/span>get<\/span>(<\/span>'<\/span>\/dashboard<\/span>'<\/span>,<\/span> [<\/span>Admin<\/span>::<\/span>class<\/span>,<\/span> <\/span>'<\/span>adminDashboard<\/span>'<\/span>])<\/span>-><\/span>name<\/span>(<\/span>'<\/span>dashboard<\/span>'<\/span>)<\/span>-><\/span>middleware<\/span>(<\/span>'<\/span>isAdminLogin<\/span>'<\/span>)<\/span>;<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n
These are the steps to restrict the users to access features only after login.<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
I am developing a project in which I have to make sure that the user can access the page only if he is logged in, otherwise he should remain at the login page. For which I am going to use middleware. First of all, I will create a middleware and name it “isLogin“. command : […]<\/p>\n","protected":false},"author":26,"featured_media":2097,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"_vp_format_video_url":"","_vp_image_focal_point":[],"footnotes":""},"categories":[29,22,4],"tags":[106,102,120,122,119,105,121],"class_list":["post-2084","post","type-post","status-publish","format-standard","hentry","category-blog","category-education","category-web-development","tag-laravel","tag-laravel-11","tag-middleware","tag-middleware-setup","tag-middlewareinlaravel","tag-php","tag-webdevelopment"],"_links":{"self":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts\/2084","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/comments?post=2084"}],"version-history":[{"count":10,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts\/2084\/revisions"}],"predecessor-version":[{"id":2117,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/posts\/2084\/revisions\/2117"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/media\/2097"}],"wp:attachment":[{"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/media?parent=2084"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/categories?post=2084"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nirvaat.com\/blogs\/wp-json\/wp\/v2\/tags?post=2084"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}