. */ namespace App\Http\Middleware; use Closure; class AuthenticateAdmin { public function handle($request, Closure $next) { if (!$request->user()) { return redirect()->route('account.login'); } if (!$request->user()->admin || $request->user()->domain != $request->space->domain) { return abort(403, 'Unauthorized area'); } return $next($request); } }