The process of using the Middleware

Hello everyone

I read the MVC-Middleware document and run simple middleware to check user authentication.

First, I understand, after running the middleware step in the next step handler should run as a single action controller, and AbstractActionController is not acceptable in the handler, and it child of Psr RequestHandlerInterface

Now I have some questions before using this method in my modules:

1- Is it’s the true way and I understand true?
2- If it’s true, which one is better? Use middleware and Psr handler or use Laminas controller as a child of AbstractActionController, which one is better and more powerful?
3- If I use Laminas controller, for some middleware use-case (like checking user access token) what should I do? call service at the start of each action?

Before reading MVC-Middleware I thought, I can write some general middleware to check User, ACL, or RBAC, request params, security, and some other dependency. But I do not know what is the best way to do this now

Please share your idea and experience with me
Best

Do you have any idea about this?

laminas-mvc-middleware could be used to run middleware pipes, but it can not be used as a middleware in front of a controller. As such, middleware pipe is an alternative to the controller.

1 Like

Thank you for your reply
Then if I use middleware, I should use (( middleware-pipe / handler)) Instead of the controller. But if I use middleware-pipe I don’t have access to all MVC controller plugins, service, view manager, and AbstractController, then I lost laminas MVC power. and should write large router

According to the cause, Is it correct to use middleware?

I should ask it because we have to plan to start some new projects in 2022, based on laminas-MVC or mezzio and I have to have a technical answer for my team to questions like this

thanks

@voltan,
did you find applicable way?

@ocramius,
i have legacy app on ZF2, which i upgraded to ZF3.

simple flow for 1 route:

1. request for reset-password
2. middleware, which attaches business-logic (synchronize passwords, logging and etc)
3. vendor-code in controller's action processes reset-password's logic

so middleware looks the best place for this 1 route, which will be used rarely. so we don’t have any overhead with logic for others 100 routes.

i used it in ZF2 as code to run before controller’s action and as for me it is the most useful thing.
now after upgrade i see that middleware doesn’t work in the same way… i spent 1 day to read different information and still don’t see some strict deprecation notice in the documentation…

very strange situation.
i have big controllers and don’t want to break each action into separate RequestHandler.

questions:

  1. am i correctly understand that it was killed flow, when middleware could work before controller’s action? WHY?
  2. if YES - what is suggested ways to replace such logic in the new way?

thanks!

UPD. moved into new topic Middleware with Controller Action

Please create a separate thread for your problems as the questions have been answered in this thread.
Thanks in advance! :+1:t2: