initial: bootstrap from BukidBountyApp base

app/Http/Middleware/EnsureUserIsUltimate.php

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Hyperf\HttpMessage\Exception\UnauthorizedHttpException;
+use Hyperf\HttpServer\Annotation\Middleware;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Message\ResponseInterface;
+
+use Hypervel\Support\Facades\Auth;
+
+use App\Enums\UserTypes;
+
+class EnsureUserIsUltimate extends Middleware
+{
+    /**
+     * Process an incoming server request.
+     */
+    public function handle(ServerRequestInterface $request, Closure $next): ResponseInterface
+    {
+        $user = Auth::user();
+
+        if (!$user || $user->acct_type !== UserTypes::ULTIMATE) {
+            throw new UnauthorizedHttpException('', 'Unauthorized: Only ultimate users allowed.');
+        }
+
+        return $next($request);
+    }
+}