role === 'admin') { return $next($request); } return redirect('/')->with('error', 'Unauthorized access'); } }