I have the following route that I need to bypass an AuthMiddleware :
// api.php
Route::withoutMiddleware([AuthMiddleware::class])->group(function () {
Route::get('/auth/check', [AuthController::class, 'checkUserAuthentication']);
});
And my app.php looks like this :
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__ . '/../routes/web.php',
api: __DIR__ . '/../routes/api.php',
commands: __DIR__ . '/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
$middleware->alias([
'sso' => AuthMiddleware::class,
]);
$middleware->use([
AuthMiddleware::class,
]);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
But my issue is that when i call that route, the AuthMiddleware is till being applied anyways.
I don’t understand why.
EDIT : looks like Laravel does not provide this functionnality https://github.com/laravel/framework/pull/32404#issuecomment-614808543
2
Answers
Your edit is correct, you can not use
withoutMiddlewarein combination with global middleware.However, you can use
withoutMiddlewarein combination with middleware groups.Defining your middleware within a group instead of globally would look something like this (depending on which of your groups requires the
AuthMiddleware):Laravel at the moment does not support this, you would see from here that the issue created for this in your reference was closed