adding a middleware to handle super basic admin role check

2022-11-28 12:32:29 -07:00 · 2022-11-28 12:32:29 -07:00 · 995cc32578
commit 995cc32578
parent 5f5b443df7
2 changed files with 59 additions and 0 deletions
--- a/src/app/Http/Kernel.php
+++ b/src/app/Http/Kernel.php
@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http;
+
+use Illuminate\Foundation\Http\Kernel as HttpKernel;
+
+class Kernel extends HttpKernel
+{
+    //...
+
+    /**
+     * The application's route middleware groups.
+     *
+     * @var array<string, array<int, class-string|string>>
+     */
+    protected $middlewareGroups = [
+        'web' => [
+            //...
+            \Illuminate\Session\Middleware\StartSession::class,
+            \App\Http\Middleware\SetLocale::class,
+            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
+            //...
+        ],
+
+        'admin' => [
+            //...
+            \Laravel\Jetstream\Http\Middleware\ShareInertiaData::class,
+            \App\Http\Middleware\SetLocale::class,
+            \App\Http\Middleware\AuthorizeAdmin::class,
+            //...
+        ],
+    ];
+}
--- a/src/app/Http/Middleware/AuthorizeAdmin.php
+++ b/src/app/Http/Middleware/AuthorizeAdmin.php
@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class AuthorizeAdmin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
+     *
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if ($request->user()->email !== env('ADMIN_EMAIL')) {
+            abort(HTTP_NOT_FOUND);
+        }
+
+        return $next($request);
+    }
+}