Left Icon Right Icon
Squehub SqueHub

🛡️ Middleware in Squehub

Middleware in Squehub allows you to inspect and filter incoming HTTP requests before they reach your controllers. You can use middleware to implement features like authentication, redirection, role checks, or access control.

📁 Directory Structure

All middleware should be stored in the project/middleware/ directory. For better organization, you can also group middleware into subdirectories (e.g. auth/, admin/). 

project/
└── middleware/
    ├── AuthMiddleware.php
    ├── RedirectIfAuthenticatedMiddleware.php
    └── auth/
        └── VerifyAdminMiddleware.php

🧩 Example: AuthMiddleware

This middleware ensures only logged-in users can access protected routes.

<?php

namespace Project\Middleware;

class AuthMiddleware
{
    public function handle($request, $next)
    {
        if (!isset($_SESSION['user_id'])) {
            return redirect('/login');
        }

        return $next($request);
    }
}

🚫 Example: RedirectIfAuthenticatedMiddleware

This middleware stops authenticated users from accessing guest-only pages.

<?php

namespace Project\Middleware;

class RedirectIfAuthenticatedMiddleware
{
    public function handle($request, $next)
    {
        if (isset($_SESSION['user_id'])) {
            return redirect('/dashboard');
        }

        return $next($request);
    }
}

🔐 Example in Subdirectory: VerifyAdminMiddleware

If you're organizing by role, your namespace must reflect the subdirectory.

<?php

namespace Project\Middleware\auth;

class VerifyAdminMiddleware
{
    public function handle($request, $next)
    {
        if ($_SESSION['role'] !== 'admin') {
            return redirect('/not-authorized');
        }

        return $next($request);
    }
}

🔗 Applying Middleware to Routes

Add middleware to your routes using the class reference syntax:

<?php
use Project\Middleware\AuthMiddleware;
use Project\Middleware\RedirectIfAuthenticatedMiddleware;

$router->add('GET', '/dashboard', [DashboardController::class, 'index'], [
    AuthMiddleware::class
]);

$router->add('GET', '/login', [AuthController::class, 'showLogin'], [
    RedirectIfAuthenticatedMiddleware::class
]);
⚠️ Note: Replace the route logic with your actual controllers and paths.

📂 Subdirectory Middleware Usage

If your middleware is in a subfolder, use the full namespace: 

<?php
use Project\Middleware\auth\VerifyAdminMiddleware;

$router->add('GET', '/admin/settings', 'AdminController@settings', [
    VerifyAdminMiddleware::class
]);

🧱 Middleware Grouping

You can assign middleware to route groups for shared protections:

$router->group([
    'prefix' => '/admin',
    'middleware' => [AuthMiddleware::class]
], function($router) {
    $router->add('GET', '/dashboard', 'AdminController@dashboard');
    $router->add('GET', '/users', 'AdminController@users');
});

⚙️ Structure of a Middleware Class

  • Each middleware must define a handle($request, $next) method.
  • Use return $next($request); to pass to the next stage.
  • You can interrupt the request by returning a redirect, error, or message.

📛 Namespacing Rules

💡 Important: The namespace must reflect the file path:

project/middleware/AuthMiddleware.php
namespace Project\Middleware;

project/middleware/auth/VerifyAdminMiddleware.php
namespace Project\Middleware\auth;

✅ Summary

  • Store all middleware in project/middleware/.
  • Organize into subdirectories with correct namespaces.
  • Attach to individual routes or entire groups using ::class.
✅ Tip: Middleware keeps controllers clean by handling access logic separately.
;