Assume a situation in your web application where a URL will be only accessible for a limited time. Suppose, you want to create an invite-only registration system with a link and that link will be only valid for a specific time. How we can solve this issue?
Laravel provides us a built-in signed middleware. If you see the kernel.php file then you will notice that there is a middleware called signed.
App\Http\Kernel.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
protected $middleware = [
// \App\Http\Middleware\TrustHosts::class,
\App\Http\Middleware\TrustProxies::class,
\Illuminate\Http\Middleware\HandleCors::class,
\App\Http\Middleware\PreventRequestsDuringMaintenance::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
// \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
'throttle:api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \App\Http\Middleware\ValidateSignature::class, //signed middleware
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
}
Laravel signed routes allow us to create routes accessible only when a signature is passed as a GET parameter for this URL like:
SIGNED ROUTE URL
In this tutorial, I will show you how to create laravel signed url routes and laravel signed url middleware. Now let's see how we can define laravel signed url route. If you do not know, just follow the below step to see laravel signed url.
Step 1: Create Route
In this step, we will create laravel signed url middleware. To create it update your web.php file.
routes/web.php
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\TestController;
Route::get('/registration', [TestController::class,'index'])
->name('registration')
->middleware('signed');
Route::get('/generate-signature', [TestController::class,'registration']);
Step 2: Create Controller
So in this step, if you want to create signed middleware laravel, We need to create the below method to get laravel signed url example.
app/Http/Controllers/TestController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\URL;
class TestController extends Controller
{
public function index()
{
return 'some_code_goes_here';
}
public function registration()
{
return URL::temporarySignedRoute(
'discount', now()->addMinutes(30)
);
}
}
Now if we visit the following URL http://127.0.0.1:8000/generate-signature, then we will see that our Laravel signed URL with the signature which will allow us to access this route for a limited time which we defined.
URL
Read also: Laravel 9 Throttle Rate Limiters Middleware Example
Conclusion
I have tried to discuss the clear concept of laravel signed routes. Now we know how to create laravel signed url. Hope this laravel signed url middleware example tutorial will help you
