app/Http/Middleware/Roles.php
<?php
namespace App\Http\Middleware;
use Closure;
class Roles
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @return mixed
*/
public function handle($request, Closure $next, ...$roles)
{
foreach ($roles as $role) {
if ($request->user()->hasRole($role)) {
return $next($request);
}
}
abort(401);
}
}