Slim PHP Route in Middleware

php middleware slim
Frank Michael Sanchez picture Frank Michael Sanchez · Nov 28, 2013 · Viewed 8.4k times · Source

In Slim is it possible to get the current route within middleware?

class Auth extends \Slim\Middleware{
  public function call(){ 
    $currentRoute = $this->app->getRoute(); // Something like this?
  }
}

I know you can call $app->router()->getCurrentRoute() after the slim.before.dispatch hook is called, but when you call this from middleware it returns a non-object. Any help would be greatly appreciated.

Answer

Steve Whitfield picture Steve Whitfield · Dec 5, 2013

Yes and no. If you look at the source code for Slim, you will see that registered Middlewares are called in LIFO order when the Slim::run method is called, and then Slim runs it's own "call" method where the processing of the request begins. It is in this method that Slim parses and processes the route. In which case, you cannot access $app->router()->getCurrentRoute() in the Middleware::call method because it won't have been parsed and defined yet.

The only way to do this is to register a listener on slim.before.dispatch inside your Middleware, and implement whatever you want to do in that method.

From the name of your class I assume you are trying to create a basic authentication module? I've done something similar to this before, and it went something like this:

class AuthMiddleware extends \Slim\Middleware
{
    public function call()
    {
        $this->app->hook('slim.before.dispatch', array($this, 'onBeforeDispatch'));

        $this->next->call();
    }

    public function onBeforeDispatch()
    {
        $route = $this->app->router()->getCurrentRoute();

        //Here I check if the route is "protected" some how, and if it is, check the
        //user has permission, if not, throw either 404 or redirect.

        if (is_route_protected() && !user_has_permission())
        {
            $this->app->redirect('/login?return=' . urlencode(filter_input(INPUT_SERVER, 'REQUEST_URI')));
        }
    }
}

In this example, the onBeforeDispatch method will be run before of the route handlers are invoked. If you look at the source code, you can see the events are fired inside a try/catch block that is listening for the exceptions thrown by $app->redirect() and $app->pass(), etc. This means we can implement our check/redirect logic here just as if this was a route handler function.

Above is_route_protected and user_has_permission are just pseudo-code to illustrate how my auth middleware worked. I structured the class so that you could specify a list of routes or regex for routes in the Middleware constructor that were protected, as well as passing a service object that implemented the user permission checking, etc. Hope this helps.

Related questions

Auth::user() returns null

I use Laravel 5.2 and have a problem with middleware. There is the code in the routes.php use Illuminate\Contracts\Auth\Access\Gate; Route::group(['middleware' => 'web'], function () { Route::auth(); Route::get('/', 'HomeController@index'); }); Route::group(['prefix'=&…

Read More
disable web middleware for specific routes in laravel 5.2

I want to guest users have access to home page but in built in authentication process laravel redirects to login page. how can i give guest users access to home page? my routes.php: Route::group(['middleware' => 'web'], function () { …

Read More
Passing parameters to middleware in Laravel

Let's say I have a route pointing to middleware; Route::get("/user/{id}", ['middleware' => 'auth', function ($id) { }]); And my middleware code is as follows: public function handle($request, Closure $next) { return $next($request); } If I want to use $id …

Read More