ÿØÿÛC  ÿØÿÛC  path(); // Protected portal route: must be authenticated as portal client only, never as admin. if ($this->isProtectedPortalPath($path)) { $isAdmin = Auth::guard('web')->check(); $isPortalClient = Auth::guard('portal')->check(); if ($isAdmin && ! $isPortalClient) { return $request->expectsJson() ? response()->json(['message' => 'Portal access is for clients only. Please log in with your portal account.'], 403) : abort(403, 'Portal access is for clients only.'); } } return $next($request); } protected function isProtectedPortalPath($path) { foreach ($this->protectedPaths as $prefix) { if ($path === $prefix || strpos($path, $prefix . '/') === 0) { return true; } } // Any other path under api/portal (e.g. invoices/1, profile/password) is protected if (preg_match('#^api/portal/([^/]+)#', $path, $m)) { $firstSegment = $m[1]; if (! in_array($firstSegment, ['login', 'set-password', 'validate-invite'], true)) { return true; } } return false; } }