Laravel Middleware return variable to controller

Question

I am carrying out a permissions check on a user to determine whether they can view a page or not. This involves passing the request through some middleware first.

The problem I have is I am duplicating the same database query in the middleware and in the controller before returning the data to the view itself.

Here is an example of the setup;

-- routes.php

Route::get('pages/{id}', [
   'as' => 'pages',
   'middleware' => 'pageUser'
   'uses' => 'PagesController@view'
]);

-- PageUserMiddleware.php (class PageUserMiddleware)

public function handle($request, Closure $next)
    {
        //get the page
        $pageId = $request->route('id');
        //find the page with users
        $page = Page::with('users')->where('id', $pageId)->first();
        //check if the logged in user exists for the page
        if(!$page->users()->wherePivot('user_id', Auth::user()->id)->exists()) {
            //redirect them if they don't exist
            return redirect()->route('redirectRoute');
        }
        return $next($request);
    }

-- PagesController.php

public function view($id)
{
    $page = Page::with('users')->where('id', $id)->first();
    return view('pages.view', ['page' => $page]);
}

As you can see, the Page::with('users')->where('id', $id)->first() is repeated in both the middleware and controller. I need to pass the data through from one to the other so an not to duplicate.

I was going to ask sort of the same, took me a long time to find this answer. Here is my question. I'll add it here for SEO/findability reasons, hope that's ok: Laravel 5.0 - Load model in middleware AND controller. How do I load an instance of the Users model so that the same instance (only one database query) is available in both the Middleware and the Controller? Because in the middleware I want to check if the user is Authorized and in the Controller I might want to present information about the User or manipulate the User somehow. — , Oct 27 '15 at 05:41

score 165 · Accepted Answer · edited Apr 12 '19 at 15:33

165

I believe the correct way to do this (in Laravel 5.x) is to add your custom fields to the attributes property.

From the source code comments, we can see attributes is used for custom parameters:

 /**
 * Custom parameters.
 *
 * @var \Symfony\Component\HttpFoundation\ParameterBag
 *
 * @api
 */
public $attributes;

So you would implement this as follows;

$request->attributes->add(['myAttribute' => 'myValue']);

You can then retrieved the attribute by calling:

\Request::get('myAttribute');

Or from request object in laravel 5.5+

 $request->get('myAttribute');

edited Apr 12 '19 at 15:33

Abdul Rehman

1,662
3
22
36

answered Jul 16 '15 at 12:22

GWed

15,167
5
62
99

I have changed this to the correct answer. Whilst Norman was right, this seems to adhere to Laravel's best practices. Thanks – Alex Aug 26 '15 at 07:28
1

How do you then access the attributes within the receiving controller? – user985366 Feb 26 '16 at 09:00
1

add request class to controller method arguments (IoC container) or call static class \Request – GWed Feb 26 '16 at 17:26
8

$myAttribute = \Request::get('myAttribute'); – Shawn C. Mar 28 '16 at 15:33
4

Wow, this solution looks very clean! – schellingerht May 12 '16 at 19:25
1

for some reason, `$request->attributes->add(['key => 'value'] );` did not work for me but `$request->attributes->set('key', 'value')` worked, I could fetch the data using `$request->get('key')`, – developernaren Aug 12 '16 at 05:17
What version of laravel are you using? – GWed Aug 12 '16 at 06:40
1

What if someone want to add an object instead of just string value? – Hafiz Oct 26 '16 at 13:09
1

It's just an array so an object can be added the same way as you do for any array – GWed Oct 26 '16 at 13:12
1

Can't make it work - value is still empty. Laravel 5.3.4. Trying to use code in answer and @developernaren example :( – Gediminas Šukys Feb 16 '17 at 08:13
1

@Gediminas can you post your code snippet somwhere? It is working perfectly for me. Make sure the middleware is called when the controller is called. – developernaren Feb 16 '17 at 09:22
1

@Gaz_Edge Thanks a lot! Using Laravel 5.4.23 and putting arrays/objects inside attributes works like a charm! – Vinay Vissh Jun 30 '17 at 05:49
3

You can also use `$request->request->add(['myAttribute' => 'myValue']);` to be able to use the magic getter shorthand `$request->myAttribute` – jonan.pineda Nov 17 '17 at 09:11
1

Is this really good praxis? Shouldn't the request object represent only what we got from the browser? – Olle Härstedt Sep 08 '20 at 18:15
Dont add the attribute to the request using $request->request->add ..., it adds side effects, read below: https://stackoverflow.com/a/73131117/8485567 – Bernard Wiesner Jul 27 '22 at 00:44

score 41 · Answer 2 · answered Oct 23 '15 at 08:15

41

Instead of custom request parameters, you can follow the inversion-of-control pattern and use dependency injection.

In your middleware, register your Page instance:

app()->instance(Page::class, $page);

Then declare that your controller needs a Page instance:

class PagesController 
{
    protected $page;

    function __construct(Page $page) 
    {
        $this->page = $page;
    }
}

Laravel will automatically resolve the dependency and instantiate your controller with the Page instance that you bound in your middleware.

answered Oct 23 '15 at 08:15

crishoj

5,660
4
32
31

1

This is a really good idea, I went ahead and created a Service Provider then registered a Service Container. That way when needed some attributes, I would just inject the dependencies. Much cleaner and transparent. Thanks! – Arian Acosta Oct 16 '16 at 19:58
1

@ArianAcosta Please, can you elaborate an answer with your way? I mean, how to use dependency injection and how it is associated with the middleware. – JCarlosR Apr 27 '17 at 16:31
4

@JCarlos Sure! The idea would be to have a custom Service Container class that holds as internal properties the data that you need to pass around between the middleware and the controller. If you register that Service Container as a singleton with $this->app->singleton(...) then, it will always be the same instance every time you inject it. So, essentially you would first inject it in the middleware (by simply requiring it as an argument), then put the data inside of it, and finally require it in the controller where you can access the data. See https://laravel.com/docs/5.4/container good luck – Arian Acosta Apr 28 '17 at 21:37
2

This is a GREAT answer ... neat! :) – Pietro Sep 19 '17 at 13:59
8

Remark: in __constructor it doesn't work, because middleware loaded after controller's constructor. But you could use DI in any action of controller. – Serhii Topolnytskyi Mar 28 '19 at 16:32
@SerhiiTopolnytskyi In my case that works in the constructor. – hizmarck Mar 19 '20 at 02:28

score 28 · Answer 3 · edited Apr 04 '22 at 15:57

28

In Laravel >= 5 you can use $request->merge in the middleware.

public function handle($request, Closure $next)
{
    $request->merge(["myVar" => "1234"]);
    
    return $next($request);
}

And in the controller

public function index(Request $request)
{
    $myVar = $request->myVar;
    ...
}

edited Apr 04 '22 at 15:57

Karl Hill

12,937
5
58
95

answered Nov 07 '15 at 13:50

Vinicius

595
5
8

11

Why would you access `Request::instance()` statically, rather than using `$request`? – jjok Sep 07 '17 at 13:58
This is not a good solution, it can cause unexpected side effects, check my answer below for more details: https://stackoverflow.com/a/73131117/8485567 – Bernard Wiesner Jul 27 '22 at 00:42

score 25 · Answer 4 · answered Oct 12 '18 at 19:29

25

Laravel 5.7

// in Middleware register instance
app()->instance('myObj', $myObj);

and

// to get in controller just use the resolve helper
$myObj = resolve('myObj');

answered Oct 12 '18 at 19:29

Илья Зеленько

7,509
3
44
55

score 10 · Answer 5 · answered Sep 27 '17 at 15:30

As mentioned in one of the comments above for laravel 5.3.x

$request->attributes->add(['key => 'value'] );

Doesn't work. But setting the variable like this in the middleware works

$request->attributes->set('key', 'value');

I could fetch the data using this in my controller

$request->get('key');

score 10 · Answer 6 · answered Aug 07 '18 at 07:56

10

It is very simple:

Here is middleware code:

public function handle($request, Closure $next)
{

    $request->merge(array("customVar" => "abcde"));

    return $next($request);
}

and here is controller code:

$request->customVar;

answered Aug 07 '18 at 07:56

Ashfaq Muhammad

780
5
10

this worked,thanks bro – Ali Jan 04 '22 at 17:46

score 6 · Answer 7 · edited May 23 '17 at 12:26

6

I am sure if it was possible to pass data from a middleware to a controller then it would be in the Laravel documentation.

Have a look at this and this, it might help.

In short, you can piggy back your data on the request object which is being passed to the middleware. The Laravel authentication facade does that too.

So, in your middleware, you can have:

$request->myAttribute = "myValue";

edited May 23 '17 at 12:26

Community

1
1

answered May 13 '15 at 12:33

Noman Ur Rehman

6,707
3
24
39

Thanks @norman - thats a good solution and i didn't know you could do it...! I was questioning if i should be using middleware at this point at all, but it seems i should. The documentation does not mention anything of the sort. Thanks again – Alex May 13 '15 at 13:11
1

@Alex Yes, I think if its a common piece of code that executes in every controller action, it is not a bad idea to implement it as a middleware. – Noman Ur Rehman May 13 '15 at 14:00

score 2 · Answer 8 · edited Dec 30 '19 at 14:01

2

$request is the array so that we can just add value and key to the array and get the $request with this key in the controller.

$request['id'] = $id;

edited Dec 30 '19 at 14:01

JON

965
2
10
28

answered Nov 15 '17 at 10:54

Durgesh Pandey

119
1
1
11

score 2 · Answer 9 · answered Jan 19 '19 at 15:18

If your website has cms pages which are being fetched from database and want to show their titles in the header and footer block on all pages of laravel application then use middleware. Write below code in your middleware:

namespace App\Http\Middleware;

use Closure;

use Illuminate\Support\Facades\DB;

public function handle($request, Closure $next)
{    

$data = DB::table('pages')->select('pages.id','pages.title')->where('pages.status', '1')->get();

\Illuminate\Support\Facades\View::share('cms_pages', $data);

return $next($request);

}

Then goto your header.blade.php and footer.blade.php and write below code to add links of cms pages:

<a href="{{ url('/') }}">Home</a> | 

@foreach ($cms_pages as $page) 

<a href="{{ url('page/show/'.$page->id) }}">{{ $page->title }}</a> | 

@endforeach

<a href="{{ url('contactus') }}">Contact Us</a>

Thanks a lot to all and enjoy the code :)

score 2 · Answer 10 · answered Jul 27 '22 at 00:41

The accepted answer is the best practice and I will expand as to why.

There are multiple ways to add parameters to the request, as some suggested you can do:

$request->merge(["foo" => "bar"]);

The problem with this, is it will add your parameter to the query of the request. If later on in your code you try to get the query parameters of the url and do:

$request->query();

You will unexpectedly obtain the added parameter above that is actually not in the query of the current url, this could introduce bugs in your code, as an example if you are building some link with the full path of the current url and query string.

To avoid such a side effect its best to store custom parameters in the attributes property of the request.

$request->attributes->add(["foo" => "bar"])

Note that if you do above you CANNOT obtain the parameter by using magic methods such as:

$request->foo // Does not work, returns null!

You need to use the get() method on the request:

$request->get('foo'); // works!

score 1 · Answer 11 · edited Aug 18 '15 at 10:04

1

i don't speak english, so... sorry for possible errors.

You can use the IoC binding for this. In your middleware you can do this for binding $page instance:

\App::instance('mi_page_var', $page);

After, in your controller you call that instance:

$page = \App::make('mi_page_var');

The App::instance not re-instance the class, instead return the instance previusly binding.

edited Aug 18 '15 at 10:04

Anand S Kumar

88,551
18
188
176

answered Aug 18 '15 at 10:03

Carlos Porter

9
1

score 1 · Answer 12 · answered Jul 06 '18 at 10:57

I was able to add values to the Request-object with:

$request->attributes->set('key', 'value');

and get them back at a later point with:

$request->attributes->get('key');

This is possible because laravels Request extends symfonys Request which has the attribute "$attributes" of type ParameterBag that is intended to hold custom parameters.

I think this should be Best Practice to pass data to subsequent Middleware, Controllers or any other place where it's possible to access the Request-object.

Tested with Laravel 5.6, but probably also working with other versions.

score 0 · Answer 13 · answered Apr 07 '23 at 02:54

You can make a method on your controller, for example

public function setSomeVariableOnMyController(array $in): void

then call it in your middleware and pass any data there like this:

$request
        ->route()
        ->getController()
        ->setSomeVariableOnMyController($anyData);

tested on laravel 9

Laravel Middleware return variable to controller

13 Answers13

Laravel 5.7

Linked

Related