# Middleware dalam contoh ni, kita ada buat middleware untuk semak peranan berdasarkan column 'role' pada table users. ##### 1. Create Middleware Guna artisan:

php artisan make:middleware RoleMiddleware

Ini akan create file `app/Http/Middleware/RoleMiddleware.php`. ##### 2. Edit Middleware Logic Contoh `RoleMiddleware`: > <?php > > namespace App\\Http\\Middleware; > > use Closure; > use Illuminate\\Http\\Request; > use Symfony\\Component\\HttpFoundation\\Response; > use Illuminate\\Support\\Facades\\Auth; > > class RoleMiddleware > { > /\*\* > \* Handle an incoming request. > \* > \* @param \\Closure(\\Illuminate\\Http\\Request): (\\Symfony\\Component\\HttpFoundation\\Response) $next > \*/ > public function handle(Request $request, Closure $next, ...$roles): Response > { > $user = Auth::user(); > > if (! $user) { > return redirect()->route('login'); > } > > // Check kalau role user termasuk dalam list roles yang dibenarkan > if (! in\_array($user->role, $roles)) { > abort(403, 'Unauthorized access'); > } > > return $next($request); > } > } guna `...$roles` (spread operator), so masa panggil middleware boleh letak lebih dari satu role. contoh dalam routes pada point 4. `return $next($request);` tu utk proceed kalau semuanya ok. ##### 3. Register Middleware Dalam Laravel 11, middleware global dan route middleware **daftar dalam `bootstrap/app.php`**, bukan lagi `app/Http/Kernel.php` (Kernel dah minimal). So buka `bootstrap/app.php`, cari bahagian: > ->withMiddleware(function (Middleware $middleware) { > $middleware->alias(\[ > 'role' => \\App\\Http\\Middleware\\RoleMiddleware::class, > \]); > }) ##### 4. Guna Middleware Dalam Route Sekarang route boleh protect ikut role: > use Illuminate\\Support\\Facades\\Route; > > Route::middleware(\['role:admin'\])->group(function () { > Route::get('/admin', \[AdminController::class, 'index'\])->name('admin.dashboard'); > }); > > Route::middleware(\['role:pengundi'\])->group(function () { > Route::get('/pengundi/cabutan', \[PengundiController::class, 'cabutan'\])->name('pengundi.cabutan'); > }); > > Route::middleware(\['role:datukbandar'\])->group(function () { > Route::get('/datukbandar', \[DatukBandarController::class, 'dashboard'\])->name('datukbandar.dashboard'); > }); > > // kalau ada route share by 2 role > Route::middleware(\['role:admin,datukbandar'\])->group(function () { > Route::get('/laporan', \[ReportController::class, 'index'\]); > });