diff --git a/app/Http/Middleware/CheckRoles.php b/app/Http/Middleware/CheckRoles.php
new file mode 100644
index 0000000000000000000000000000000000000000..6fc699e7f2a63a10e16823569279c2f1c85bfa58
--- /dev/null
+++ b/app/Http/Middleware/CheckRoles.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class CheckRoles
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next, ... $roles): Response
+    {
+        if($roles){
+            $user = auth()->user();
+
+            foreach($roles as $role){
+                if($user->hasRole($role)){
+                    return $next($request);
+                }
+            }
+
+            return abort(401);
+        }else{
+            return $next($request);
+        }
+    }
+}
diff --git a/bootstrap/app.php b/bootstrap/app.php
index a4ae0f1583ed5a1c680dd6d001373d489d72902b..85966f98b8e71d6b7c5307fd687180cd3ab1bc08 100644
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -5,6 +5,7 @@
 use Illuminate\Foundation\Configuration\Middleware;
 
 use App\Http\Middleware\CheckBanned;
+use App\Http\Middleware\CheckRoles;
 
 return Application::configure(basePath: dirname(__DIR__))
     ->withRouting(
@@ -15,6 +16,7 @@
     )
     ->withMiddleware(function (Middleware $middleware) {
         $middleware->append(CheckBanned::class);
+        $middleware->append(CheckRoles::class);
     })
     ->withExceptions(function (Exceptions $exceptions) {
         //