laravel 中间件配置-蒲公英云

laravel 中间件配置

<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        //检测是否进入维护模式
        \App\Http\Middleware\CheckForMaintenanceMode::class,
        //检测表单请求的数据是否过大
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        //对提交的请求参数进行php函数trim处理
        \App\Http\Middleware\TrimStrings::class,
        //将提交请求参数中空字符串转换为null
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
        //修正代理服务器后的服务器参数
        \App\Http\Middleware\TrustProxies::class,
    ];
    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        //web 中间件组,应用于routes/web.php路由文件
        //在RouteServiceProvider中设定
        'web' => [
            //cookie 加密解密
            \App\Http\Middleware\EncryptCookies::class,
            //将cookie添加到响应中
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            //开启会话
            \Illuminate\Session\Middleware\StartSession::class,
            // \Illuminate\Session\Middleware\AuthenticateSession::class,
            //将系统的错误数据注入到视图变量$errors中
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            //校验csrf,防止跨站请求伪造的安全威胁
            \App\Http\Middleware\VerifyCsrfToken::class,
            // 处理路由绑定
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
            //强制用户邮箱认证
            \App\Http\Middleware\EnsureEmailIsVerified::class,
        ],
        //api 中间件组,应用于rotes/api.php路由文件
        //在RouteServiceProvider中设定
        'api' => [
            //使用别名来调用中间件
            //请见手册中为路由分配中间件
            'throttle:60,1',
            'bindings',
        ],
    ];
    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        //只有登录用户才能方位,我们在控制器的构造方法中大量使用
        'auth' => \App\Http\Middleware\Authenticate::class,
        //HTTP Basic Auth认证
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        //处理路由绑定
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        //用户授权功能
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        //只有游客才能访问,在register和login请求中使用,只有未登录用户才能访问这些页面
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        //签名认证,在找回密码章节我们讲过
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        //访问节流,类似于[1分钟只能请求10次]的需要,一般在api使用
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        //laravel 自带的强制用户邮箱认证的中间件,为了更加贴近我们的逻辑,已被重写
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
    ];
    //设定中间件优先级,此数组定义了除[全局中间]以外的中间件执行顺序
    //可以看到startSession永远是最开始执行的,因为startSession后,
    //我们才能在程序中使用Auth等用户认证的功能
    protected $middlewarePriority = [
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\Authenticate::class,
        \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
        \Illuminate\Auth\Middleware\Authorize::class,
    ];
}