Tags
Tiếng Việt中文(简体)
Development

What is Middleware? Features and Applications for REST API

Captain Tran
Featured image of post What is Middleware? Features and Applications for REST API

Middleware is intermediary software that connects system components. Learn how it works, types, applications in REST API, and practical examples with Laravel.

Middleware is a software layer that connects system components, processing requests before they reach the main application. This article explains how it works, types, applications in REST API, and practical examples with Laravel.

What is Middleware?

Middleware is a software layer between the operating system, database, and application. It acts as a bridge enabling different system components to communicate and exchange data, regardless of programming language or platform.

The concept of middleware emerged in the 1980s when enterprise systems needed to integrate applications across different platforms. Instead of each application handling its own connections, middleware provides a common abstraction layer — reducing complexity and improving scalability.

In modern web development, middleware typically refers to the request/response processing mechanism in frameworks like Express.js, Laravel, and Django — intercepting and processing HTTP requests before they reach the controller.

How It Works

Middleware operates on a pipeline model (processing chain):

  1. Client sends an HTTP request to the server.
  2. Middleware 1 intercepts the request → performs processing (e.g., CORS check).
  3. Middleware 2 continues processing (e.g., JWT token authentication).
  4. Middleware 3 processes further (e.g., logging, rate limiting).
  5. Controller receives the middleware-processed request, executes business logic.
  6. Response travels back through the middleware pipeline before reaching the client.

Each middleware can:

  • Forward the request to the next middleware (call next()).
  • Block the request and return a response immediately (e.g., 401 Unauthorized).
  • Transform the request/response (add headers, transform data).

Middleware Types

Type Function Examples
Message-Oriented (MOM) Asynchronous messaging between systems RabbitMQ, Apache Kafka, ActiveMQ
Database Middleware Connects applications to multiple database types ODBC, JDBC, Sequelize
Application Server Provides application runtime environment Tomcat, WildFly, IIS
API/Integration Connects and manages APIs between services MuleSoft, Apache Camel, Kong
Web Middleware Processes HTTP requests in web frameworks Express middleware, Laravel middleware
RPC Middleware Remote procedure calls between systems gRPC, XML-RPC, JSON-RPC
Middleware vs API Gateway
Middleware handles logic inside the application (authentication, logging). API Gateway manages external traffic (routing, rate limiting, load balancing). In microservices, an API Gateway often combines multiple middleware internally.

Middleware in REST API

In REST APIs, middleware handles common tasks separated from business logic:

Middleware Function Examples
Authentication Verifies users via JWT, OAuth, API Key passport.js, jwt-auth
Authorization Checks resource access permissions Role-based, Policy-based
Validation Validates input data express-validator, Form Request
Rate Limiting Limits requests per time period express-rate-limit, throttle
CORS Allows requests from other domains cors middleware
Logging Logs request/response data morgan, monolog
Compression Compresses responses to reduce bandwidth compression, gzip
Error Handling Centralized error processing Error middleware

Example authentication middleware in Express.js:

const authMiddleware = (req, res, next) => {
  const token = req.headers.authorization?.split(' ')[1];
  if (!token) return res.status(401).json({ error: 'Token required' });

  try {
    req.user = jwt.verify(token, process.env.JWT_SECRET);
    next(); // Pass to next middleware/controller
  } catch (err) {
    res.status(403).json({ error: 'Invalid token' });
  }
};

app.get('/api/profile', authMiddleware, profileController);

What is an Application Server? Features, Benefits and Use Cases

Middleware in Laravel

Laravel integrates middleware into its HTTP pipeline at 3 levels:

  • Global Middleware: Runs for every request (e.g., TrustProxies, HandleCors).
  • Route Middleware: Assigned to specific routes (e.g., auth, throttle).
  • Middleware Group: Groups multiple middleware (e.g., web, api).

Creating custom middleware:

php artisan make:middleware CheckAge

// app/Http/Middleware/CheckAge.php
public function handle(Request $request, Closure $next)
{
    if ($request->age < 18) {
        return redirect('home');
    }
    return $next($request);
}

Register and use:

// routes/web.php
Route::get('/dashboard', function () {
    // Logic
})->middleware('check.age');

Laravel also supports terminable middleware — processing after the response has been sent to the client (e.g., logging, sending notifications).

Benefits and Use Cases

  • Separation of Concerns (SoC): Authentication, logging, and caching logic separated from business logic — cleaner code, easier maintenance.
  • Reusability: A single middleware can be used across multiple routes/controllers without code duplication.
  • Centralized Security: Authentication, authorization, and input validation at a single point instead of scattered throughout.
  • Easy Scaling: Adding/removing middleware doesn't affect core application logic.
  • Performance: Caching and compression middleware optimize response time.
  • Monitoring: Logging middleware records all requests for tracking and debugging.
Middleware Best Practices
Keep each middleware simple, doing one thing (Single Responsibility). Order correctly — CORS before Authentication before Authorization. Avoid placing business logic in middleware. Use middleware groups for easier management.

What is Laravel? The Most Popular PHP Framework

Conclusion: Middleware is an essential intermediary software layer in modern application architecture, from enterprise system integration to HTTP request processing in web frameworks. Understanding and using middleware correctly helps build secure, scalable, and maintainable applications.

Sources & References
1. [Mozilla — HTTP Middleware](https://developer.mozilla.org/en-US/docs/Glossary/Middleware) 2. [Express.js — Using Middleware](https://expressjs.com/en/guide/using-middleware.html) 3. [Laravel — Middleware Documentation](https://laravel.com/docs/middleware) 4. [Wikipedia — Middleware](https://en.wikipedia.org/wiki/Middleware) 5. [Red Hat — What is Middleware?](https://www.redhat.com/en/topics/middleware/what-is-middleware)

Frequently Asked Questions

What is Middleware?
Middleware is a software layer between the operating system/database and applications, helping components communicate, exchange data, and process requests efficiently.
How does Middleware work?
Middleware intercepts requests before they reach the main application, performs processing (authentication, logging, data transformation), then forwards or returns a response. This forms a middleware pipeline.
What are the types of Middleware?
Types include: Message-Oriented (MOM), Database Middleware, Application Server Middleware, API/Integration Middleware, and Web Middleware (handling HTTP requests in frameworks like Express, Laravel, Django).
What does Middleware do in REST APIs?
In REST APIs, middleware handles common tasks like JWT/OAuth authentication, logging, rate limiting, CORS, input validation, response compression, and error handling — separated from business logic.
How do you create Middleware in Laravel?
Use php artisan make:middleware MiddlewareName, write logic in the handle() method, register in bootstrap/app.php or assign directly to routes/groups. Laravel supports global, route, and group middleware.

article.share