Middleware
Introduction
Middleware provide a convenient mechanism for filtering HTTP requests entering your application. For example, Modulus includes a middleware that verifies the user of your application is authenticated. If the user is not authenticated, the middleware will throw an Exception. However, if the user is authenticated, the middleware will allow the request to proceed further into the application.
Of course, additional middleware can be written to perform a variety of tasks besides authentication.
There are several middleware included in the Formidable framework, including middleware for authentication and CSRF protection. All of these middleware are located in the app/Http/Middleware directory.
Defining Middleware
To create a new middleware, use the make:middleware Craftsman command:
node craftsman make:middleware CheckAge
This command will place a new CheckAge class within your app/Http/Middleware directory. In this middleware, we will only allow access to the route if the supplied age is greater than 18. Otherwise, we will throw an Exception.
- Imba
- TypeScript
import { ForbiddenException } from '@formidablejs/framework'
import { Request } from '@formidablejs/framework'
export class CheckAge
def handle request\Request
if request.get('age') < 18 then throw new ForbiddenException 'Entry denied.'
request
import { ForbiddenException } from '@formidablejs/framework'
import { Request } from '@formidablejs/framework'
export class CheckAge {
handle(request: Request): Request {
if (request.get('age') < 18) {
throw new ForbiddenException 'Entry denied.'
}
return request
}
}
As you can see, if the given age is less than 18, the middleware will throw an Exception; otherwise, the request will be passed further into the application.
Registering Middleware
Global Middleware
If you want a middleware to run during every HTTP request to your application, list the middleware class in the middleware getter of your app/Http/Kernel.imba class or app/Http/Kernel.ts class.
Assigning Middleware To Routes
If you would like to assign middleware to specific routes, you should first assign the middleware a key in your app/Http/Kernel.imba class or app/Http/Kernel.ts. By default, the routeMiddleware getter of this class contains entries for the middleware included with Formidable. To add your own, append it to this list and assign it a key of your choosing. For example:
- Imba
- TypeScript
get routeMiddleware
{
'auth': Authenticate
'cors': HandleCors
'guest': ErrorIfAuthenticated
'lang': AcceptLanguage
'signed': ValidateSignature
}
get routeMiddleware(): object {
return {
'auth': Authenticate,
'cors': HandleCors,
'guest': ErrorIfAuthenticated,
'lang': AcceptLanguage,
'signed': ValidateSignature
}
}
Once the middleware has been defined in the HTTP kernel, you may use the middleware method to assign middleware to a route:
- Imba
- TypeScript
Route.get('admin/profile', do
# do something...
)->middleware(['auth'])
Route.get('admin/profile', () => {
// do something...
})->middleware(['auth'])
You may also assign multiple middleware to the route:
- Imba
- TypeScript
Route.get('/', do
# do something...
).middleware(['first', 'second'])
Route.get('/', () => {
// do something...
}).middleware(['first', 'second'])
Middleware Groups
Sometimes you may want to group several middleware under a single key to make them easier to assign to routes. You may do this using the middlewareGroups getter of your HTTP kernel.
Out of the box, Formidable comes with jwt and session middleware groups:
- Imba
- TypeScript
get middlewareGroups
{
jwt: [
]
session: [
VerifyCsrfToken
]
}
get middlewareGroups(): object {
return {
jwt: [
],
session: [
VerifyCsrfToken
]
}
}