feat(middleware): add check admin middleware

app/Http/Middleware/CheckAdminMiddleware.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Http\Trait\ApiResponseTrait;
+use Closure;
+use Illuminate\Http\Request;
+use Laravel\Sanctum\PersonalAccessToken;
+use Symfony\Component\HttpFoundation\Response;
+
+class CheckAdminMiddleware
+{
+    use ApiResponseTrait;
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        $authHeader = $request->header('authorization');
+        $token = $authHeader && strlen($authHeader) > 7 ? substr($authHeader, 7) : null;
+        $personalAccessToken = $token ? PersonalAccessToken::findToken($token) : null;
+        $user = $personalAccessToken?->tokenable;
+
+        if ($user and $user?->getRoleNames()->toArray()[0] === "admin") {
+            return $next($request);
+        }else {
+            return $this->fail();
+        }
+    }
+}

routes/api.php

@@ -3,10 +3,14 @@
 use App\Http\Controllers\Auth\AuthController;
 use App\Http\Controllers\CodeController;
 use App\Http\Controllers\InfoController;
+use App\Http\Middleware\CheckAdminMiddleware;
 use Illuminate\Support\Facades\Route;
 
 Route::name('api.')->group(function () {
     Route::prefix('v1')->name('v1.')->group(function () {
+        Route::post("test", function () {
+            echo "ok";
+        })->middleware(CheckAdminMiddleware::class);
         Route::post('auth', [AuthController::class, 'auth'])->name('auth');
         Route::post('verify', [AuthController::class, 'verify'])->name('verify');
         Route::resource('code', CodeController::class)->except(['create', 'edit', 'store', 'destroy']);