guest()) { return Response::json(['error' => 'you are not allowed to perform this operation']); } if(!Auth::user()->isOpenIdServerAdmin()) { return Response::json(['error' => 'you are not allowed to perform this operation']); } return $next($request); } }