user()) { return redirect()->route('login'); } // Allow access if user has any of the specified roles if (in_array($request->user()->role, $roles)) { return $next($request); } // If user doesn't have the required role return redirect()->back()->with('error', 'You do not have permission to access this page.'); } }