I want to make a middleware to protect admin routes in laravel 5.2 app. user_type isn't a field in users table in my db, but in a separate table : 
Admin's user_type_id is 4 I made this middleware :
class AdminMiddleware
{
public function handle($request, Closure $next)
{
$authedUserID = Auth::id();
$user = User::query()
->leftjoin('users_user_types as uut', 'uut.user_id', '=', 'users.id')
->where('uut.user_id',"=","$authedUserID")
->get(['users.*',
'uut.user_type_id as userType'])->first();
if ($user['userType'] !=4)
{
return redirect('/home');
}
return $next($request);
}
}
and put this in $routeMiddleware array in kernel.php :
'admin' => \App\Http\Middleware\AdminMiddleware::class
and this is one of admin routes I want to apply my middleware on :
Route::get('ptyadmin', 'AdminController@show')->middleware('admin');
The Problem is that when I go to this route with admin user(user_type = 4) or normal user(user_type = 1) it redirects to /home in both cases !!
Why does this happen and how can I fix it ??
via Rowayda Khayri
