// in terminal, php artisan to create middleware
php artisan make:middleware VerifyIsAdmin
// in VerifyIsAdmin middleware file
public function handle(Request $request, Closure $next)
{
if (!auth()->user()->isAdmin()) {
return redirect()->back();
}
return $next($request);
}
// must register in kernel.php
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'verifyCategoryCount' => VerifyCategoriesCount::class,
'admin' => VerifyIsAdmin::class,
];
// use in Route to ensure user is authenticated and admin
Route::middleware(['auth', 'admin'])->group(function () {
Route::get('users', [UsersController::class, 'index'])->name('users.index');
});