How to Customize Default Middleware in Laravel 11

In this article, we'll see how to customize default middleware in laravel 11. In Laravel 11, there's been a notable change regarding middleware registration. The traditional approach of defining middleware directly in the Kernel.php file has been removed.

You can no longer register middleware there. Instead, in Laravel 11, you'll need to register and customize middleware in the app.php file.

So, let's see how to customize default middleware in laravel 11, laravel 11 middleware, and laravel custom middleware.

Laravel 11 Define New Middleware

We'll utilize the alias() method to define a new middleware within the "bootstrap/app.php" file.

bootstrap/app.php

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
  
        $middleware->alias([
            'isAdmin' => \App\Http\Middleware\IsAdmin::class,
        ]);
          
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

 
Laravel 11 Remove Default Middleware

We will utilize the remove() method to eliminate the default middleware already present in the "bootstrap/app.php" file.

bootstrap/app.php

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
  
        // Using a string
        $middleware->remove(\Illuminate\Http\Middleware\ValidatePostSize::class);
   
        // Or removing multiple default middleware
        $middleware->remove([
            \Illuminate\Http\Middleware\TrustProxies::class,
            \Illuminate\Http\Middleware\HandleCors::class,
        ]);
            
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();
 
Laravel 11 Update Where Users and Guests Are Redirected

We'll utilize the redirectTo() method in the "bootstrap/app.php" file to specify the redirection destination for both users and guests.

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
    
        $middleware->redirectTo(
            guests: '/admin/login',
            users: '/dashboard'
        );
              
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

 

Laravel 11 Excludes Cookies from being Encrypted

We will utilize the encryptCookies() method to specify which cookies should not be encrypted in the URL.

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
    
        $middleware->encryptCookies(except: [
            'abc',
            'test',
        ]);
              
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

 

Laravel 11 Exclude Routes from CSRF Protection

We will utilize the validateCsrfTokens() method to exempt certain routes from CSRF (Cross-Site Request Forgery) protection.

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
    
        $middleware->validateCsrfTokens(except: [
            '/stripe/*',
            '/stripe/callback',
        ]);
              
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

 

Laravel 11 Exclude Routes from URL Signature Validation

We'll utilize the validateSignatures() method to exempt certain routes from URL signature validation.

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
    
        $middleware->validateSignatures(except: [
            '/api/*',
        ]);
              
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

 

Laravel 11 Prevent Converting Empty Strings in Requests

We'll employ the convertEmptyStringsToNull() method to avoid converting empty strings within requests.

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
    
        $middleware->convertEmptyStringsToNull(except: [
            fn ($request) => $request->path() === 'admin/dashboard',
        ]);
              
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

 

Laravel 11 Prevent String Trimming in Requests

We'll utilize the trimStrings() method to prevent string trimming in requests.

<?php
  
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
  
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
    
        $middleware->trimStrings(except: [
            '/test',
        ]);
              
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

 


You might also like:

techsolutionstuff

Techsolutionstuff | The Complete Guide

I'm a software engineer and the founder of techsolutionstuff.com. Hailing from India, I craft articles, tutorials, tricks, and tips to aid developers. Explore Laravel, PHP, MySQL, jQuery, Bootstrap, Node.js, Vue.js, and AngularJS in our tech stack.

RECOMMENDED POSTS

FEATURE POSTS