pelican-panel-mirror/app/Http/Middleware/AdminAuthenticate.php

<?php

namespace App\Http\Middleware;

use Illuminate\Http\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

class AdminAuthenticate
{
    /**
     * Handle an incoming request.
     *
     * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
     */
    public function handle(Request $request, \Closure $next): mixed
    {
        if (!$request->user() || !$request->user()->isRootAdmin()) {
            throw new AccessDeniedHttpException();
        }

        return $next($request);
    }
}