From 995cc32578c91d5d3c52de76b6c20f3590ffcd9d Mon Sep 17 00:00:00 2001
From: Brian Rogers <captbrogers@gmail.com>
Date: Mon, 28 Nov 2022 12:32:29 -0700
Subject: [PATCH] adding a middleware to handle super basic admin role check

---
 src/app/Http/Kernel.php                    | 33 ++++++++++++++++++++++
 src/app/Http/Middleware/AuthorizeAdmin.php | 26 +++++++++++++++++
 2 files changed, 59 insertions(+)
 create mode 100644 src/app/Http/Kernel.php
 create mode 100644 src/app/Http/Middleware/AuthorizeAdmin.php

diff --git a/src/app/Http/Kernel.php b/src/app/Http/Kernel.php
new file mode 100644
index 0000000..3b5cea8
--- /dev/null
+++ b/src/app/Http/Kernel.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http;
+
+use Illuminate\Foundation\Http\Kernel as HttpKernel;
+
+class Kernel extends HttpKernel
+{
+    //...
+
+    /**
+     * The application's route middleware groups.
+     *
+     * @var array<string, array<int, class-string|string>>
+     */
+    protected $middlewareGroups = [
+        'web' => [
+            //...
+            \Illuminate\Session\Middleware\StartSession::class,
+            \App\Http\Middleware\SetLocale::class,
+            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
+            //...
+        ],
+
+        'admin' => [
+            //...
+            \Laravel\Jetstream\Http\Middleware\ShareInertiaData::class,
+            \App\Http\Middleware\SetLocale::class,
+            \App\Http\Middleware\AuthorizeAdmin::class,
+            //...
+        ],
+    ];
+}
diff --git a/src/app/Http/Middleware/AuthorizeAdmin.php b/src/app/Http/Middleware/AuthorizeAdmin.php
new file mode 100644
index 0000000..c695dca
--- /dev/null
+++ b/src/app/Http/Middleware/AuthorizeAdmin.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class AuthorizeAdmin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
+     *
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if ($request->user()->email !== env('ADMIN_EMAIL')) {
+            abort(HTTP_NOT_FOUND);
+        }
+
+        return $next($request);
+    }
+}