Accessing roles on the interface Illuminate\Contracts\Auth\Authenticatable suggest that you code against a concrete implementation. How about adding an instanceof check?
Loading history...
17
$same = (array_intersect($roles, $user_roles));
18
19
if (empty($same)) {
20
throw AuthException::auth('401', 'User does not have right roles');