disable web middleware for specific routes in laravel 5.2

Stefan Izdrail

Founder & Senior Architect · 2026-06-29

Laravel Company
Title: Disabling Web Middleware for Specific Routes in Laravel 5.2 Introduction In this blog post, we will learn how to give guest users access to the home page while still using Laravel's built-in authentication process in Laravel 5.2. We will explain how to disable web middleware for specific routes and provide a step-by-step guide for implementation. Let's begin by analyzing the code samples provided. Code Analysis 1. routes.php: This file contains the main route definitions, including authentication routing and home page access for authenticated users. The `Route::group(['middleware' => 'web'], ...)` statement groups all these routes inside a single middleware context. 2. auth.php: The Authenticate class defines a custom middleware for handling unauthorized requests with specific error responses based on the request type (ajax or non-ajax). It also redirects guests to the login page. This ensures that only authenticated users can access protected routes. 3. kernel.php: This file contains application configuration details, including global HTTP middleware and middleware groups. The current configuration applies a set of default middlewares for all requests. Approach To grant guest users access to the home page while bypassing the built-in authentication process, we will modify the code as follows: 1. Remove the `web` group from the affected routes in the routes file (routes.php). This removes the 'web' middleware check for these specific routes. 2. Update the kernel configuration to remove the 'web' middleware group and add a new custom group with the required middlewares. 3. Create a new authentication function that redirects guests directly to the home page if they don't have an active session, bypassing the default login redirection. Code Changes 1. routes.php: Remove the 'web' route group for your specific routes (e.g., home page). This allows guest users to access them without being redirected to the authentication process.
Route::get('/', 'HomeController@index');
2. auth.php: Create a new Authenticate class with the following code for handling unauthorized requests. You can also modify the existing one if it suits your needs.
if (Auth::guard($guard)->guest()) {
    if ($request->ajax()) {
        return response('Unauthorized.', 401);
    } else {
        if ($specific_routes) { // Add this condition to handle custom routes
            return redirect()->route('home'); // Redirect guests directly to the home page
        } else {
            return redirect()->guest('login');
        }
    }
}
...
3. kernel.php: Remove 'web' middleware group and add a new one for your specific routes with necessary middlewares.
/**
 * The application's route middleware groups.
 *
 * @var array
 */
protected $middlewareGroups = [
    'custom_routes_without_web_middleware' => ['auth', ...], // Add your custom routes here

    'web' => [...],

    'api' => [
        'throttle:60,1',
    ],
];
By following these steps, you will have successfully disabled the web middleware for specific routes in Laravel 5.2 and given guest users access to your home page while preserving authentication for other protected routes.