Concept Flow - Why middleware filters requests
Incoming HTTP Request
Middleware Layer
Check Condition
Allow Request
Controller/Route
Middleware acts like a gatekeeper that checks or changes requests before they reach your app's main logic.
0
0
Why middleware filters requests in Laravel - Visual Breakdown
Execution Sample
Laravel
<?php
public function handle($request, Closure $next) {
if (!$request->user()) {
return redirect('login');
}
return $next($request);
}This middleware checks if the user is logged in; if not, it redirects to login, else it passes the request on.
Execution Table
| Step | Action | Request State | Condition Checked | Result | Next Step |
|---|---|---|---|---|---|
| 1 | Receive HTTP request | Original request | N/A | Start middleware | Check user authentication |
| 2 | Check if user is logged in | Original request | $request->user() exists? | No user found | Redirect to login |
| 3 | Redirect to login | Original request | N/A | Response sent: redirect | End middleware |
| 4 | If user found | Original request | $request->user() exists? | User found | Pass request to next middleware or controller |
| 5 | Pass request forward | Original request | N/A | Request continues | Controller handles request |
💡 Middleware stops request if user not logged in; otherwise, request proceeds to controller.
Variable Tracker
| Variable | Start | After Step 2 | After Step 4 | Final |
|---|---|---|---|---|
| $request->user() | null or user object | null (no user) | user object (authenticated) | user object or null |
Key Moments - 2 Insights
Why does middleware sometimes stop the request instead of letting it continue?
Middleware can stop the request to protect routes, like redirecting unauthenticated users as shown in step 2 and 3 of the execution table.
What happens if middleware modifies the request?
Middleware can change the request before passing it on, but in this example it only checks and redirects; see step 5 where the request continues unchanged.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, what happens at step 3?
💡 Hint
Check the 'Result' column at step 3 in the execution table.
At which step does the middleware decide to allow the request to continue?
💡 Hint
Look for where the condition '$request->user() exists?' is true in the execution table.
If the user is authenticated, what will the variable tracker show after step 4?
💡 Hint
Refer to the variable tracker row for '$request->user()' after step 4.
Concept Snapshot
Middleware filters requests before they reach your app. It can check conditions like user login. If conditions fail, it can stop or redirect the request. If conditions pass, it lets the request continue. This helps protect routes and modify requests safely.
Full Transcript
Middleware in Laravel acts as a filter for incoming HTTP requests. When a request arrives, middleware checks conditions such as whether the user is logged in. If the user is not authenticated, middleware can stop the request and redirect it to a login page. If the user is authenticated, middleware passes the request on to the next middleware or the controller. This process helps protect parts of your app and allows you to modify requests before they reach your main logic.