Middleware

dalam contoh ni, kita ada buat middleware untuk semak peranan berdasarkan column 'role' pada table users.  

 1. Create Middleware 

 Guna artisan: 

 php artisan make:middleware RoleMiddleware 

 Ini akan create file app/Http/Middleware/RoleMiddleware.php . 

 2. Edit Middleware Logic 

 Contoh RoleMiddleware : 

 

 <?php 

 namespace App\Http\Middleware; 

 use Closure; use Illuminate\Http\Request; use Symfony\Component\HttpFoundation\Response; use Illuminate\Support\Facades\Auth; 

 class RoleMiddleware {     /**      * Handle an incoming request.      *      * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next      */     public function handle(Request $request, Closure $next, ...$roles): Response     {         $user = Auth::user(); 

         if (! $user) {             return redirect()->route('login');         } 

         // Check kalau role user termasuk dalam list roles yang dibenarkan         if (! in_array($user->role, $roles)) {             abort(403, 'Unauthorized access');         } 

         return $next($request);     } } 

 

 guna ...$roles (spread operator), so masa panggil middleware boleh letak lebih dari satu role. contoh dalam routes pada point 4. 

 return $next($request); tu utk proceed kalau semuanya ok. 

 3. Register Middleware 

 Dalam Laravel 11, middleware global dan route middleware daftar dalam bootstrap/app.php , bukan lagi app/Http/Kernel.php (Kernel dah minimal). 

 So buka bootstrap/app.php , cari bahagian: 

 

 ->withMiddleware(function (Middleware $middleware) {     $middleware->alias([         'role' => \App\Http\Middleware\RoleMiddleware::class,     ]); }) 

 

 4. Guna Middleware Dalam Route 

 Sekarang route boleh protect ikut role: 

 

 use Illuminate\Support\Facades\Route; 

 Route::middleware(['role:admin'])->group(function () {     Route::get('/admin', [AdminController::class, 'index'])->name('admin.dashboard'); }); 

 Route::middleware(['role:pengundi'])->group(function () {     Route::get('/pengundi/cabutan', [PengundiController::class, 'cabutan'])->name('pengundi.cabutan'); }); 

 Route::middleware(['role:datukbandar'])->group(function () {     Route::get('/datukbandar', [DatukBandarController::class, 'dashboard'])->name('datukbandar.dashboard'); }); 

 // kalau ada route share by 2 role Route::middleware(['role:admin,datukbandar'])->group(function () {     Route::get('/laporan', [ReportController::class, 'index']); });