Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

kevinm40's avatar

Spark middleware either/or

I am working on my first project with laravel and spark and I am making good progress, but I am not sure how to combine two middleware in an either/or fashion.

In my App/Controllers/HomeController file I have this middleware:

    public function __construct()
    {
        $this->middleware('auth');

        //$this->middleware('dev');
        $this->middleware('subscribed');

    }

Now, I want everyone who is logged in to access this ('auth') and who is also a paying subscriber ('subscribed'), and this works as expected. But this means that as a developer ('dev') I cannot access the page (as I don't have a paying subscription).

What I am looking to achieve is if either dev or subscribed then allow access. Any ideas how to achieve this?

0 likes
3 replies
brjohnson4's avatar

I had a similar problem, where I needed routes to be accessed by either subscribed or teamSubscribed. I ended up making a new middleware that checked to see if a user was in either of the two groups. So far it's working well.

Here's the thread: https://laracasts.com/discuss/channels/spark/user-and-team-plans-at-the-same-time

And here's the middleware code I used:

public function handle($request, Closure $next)
    {
        if (! $request->user()->onGenericTrial() ) {
            if(! $request->user()->subscribed() ) {
                if(! $request->user()->hasTeams() ) {
                    return $request->ajax() || $request->wantsJson()
                        ? response('Subscription Required.', 402)
                        : redirect('/settings#/subscription');
                } elseif (! $request->user()->currentTeam->subscribed() ) {
                    return $request->ajax() || $request->wantsJson()
                        ? response('Subscription Required.', 402)
                        : redirect('/settings#/subscription');
                }
            }
        }

        return $next($request);
    }

And so then I passed this middleware through my routes, rather than the subscribed or teamSubscribed middlewares.

martinbean's avatar
martinbean
8 years ago
Best Answer
Level 80

@kevinm40 You can create middleware that checks for the two conditions:

class VerifyTeamIsSubscribed
{
    public function handle($request, Closure $next)
    {
        if ($this->userCanViewTeam($request)) {
            return $next($request);
        }

        if ($request->expectsJson()) {
            return response()->json([
                'message' => 'Subscription required.',
            ], 402);
        } else {
            return redirect('/settings#/subscription');
        }
    }

    protected function userCanViewTeam(Request $request)
    {
        $team = $request->route()->parameter('team');

        if ($team->subscribed()) {
            return true;
        }

        if ($request->user() && $request->user()->ownsTeam($team)) {
            return true;
        }

        return false;
    }
}

I’ve done this for a multi-tenant CMS. I also add a banner in the header if the user’s viewing a site without a subscription:

@unless($team->subscribed())
    <div class="alert alert-warning" role="alert">
        Your website is currently <strong>unavailable</strong>.
        Subscribe to activate your website.
        <a class="alert-link" href="{{ url('/settings#/subscription'') }}">Subscribe</a>
    </div>
@endunless
kevinm40's avatar

Thanks guys, your approach helped me solve this. I went with a new middleware and copied from the two existing middlewares.

<?php

namespace App\Http\Middleware;

use Closure;
use Laravel\Spark\Spark;


class VerifyUserIsDevOrSubscriber
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next, $subscription = 'default', $plan = null)
    {

        // check if a developer
        if ($request->user() && Spark::developer($request->user()->email)) {
            return $next($request);
        }

        // not a developer, so check if a subscriber
        if ($this->subscribed($request->user(), $subscription, $plan, func_num_args() === 2)) {
            return $next($request);
        }

        // not a dev or subscriber
        return $request->ajax() || $request->wantsJson()
            ? response('Subscription Required.', 402)
            : redirect('/settings#/subscription');
    }

    /**
     * Determine if the given user is subscribed to the given plan.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
     * @param  string  $subscription
     * @param  string  $plan
     * @param  bool  $defaultSubscription
     * @return bool
     */
    protected function subscribed($user, $subscription, $plan, $defaultSubscription)
    {
        if (! $user) {
            return false;
        }

        return ($defaultSubscription && $user->onGenericTrial()) ||
            $user->subscribed($subscription, $plan);
    }
}

Please or to participate in this conversation.