
Add DangerZone middleware

Daniel Supernault 6 years ago
parent
commit
90fbf8e481
2 changed files with 33 additions and 0 deletions
  1. 1 0
      app/Http/Kernel.php
  2. 32 0
      app/Http/Middleware/DangerZone.php

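--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -57,6 +57,7 @@ class Kernel extends HttpKernel
         'bindings'      => \Illuminate\Routing\Middleware\SubstituteBindings::class,
         'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
         'can'           => \Illuminate\Auth\Middleware\Authorize::class,
+        'dangerzone'    => \App\Http\Middleware\DangerZone::class,
         'guest'         => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'signed'        => \Illuminate\Routing\Middleware\ValidateSignature::class,
         'throttle'      => \Illuminate\Routing\Middleware\ThrottleRequests::class,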

+ 32 - 0
app/Http/Middleware/DangerZone.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App, Auth, Closure;
+use Carbon\Carbon;
+
+class DangerZone
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if(!Auth::check()) {
+            return redirect(route('login'));
+        }
+        if(!$request->is('i/auth/sudo')) {
+            if( false == $request->cookie('sudoMode') ) {
+                return redirect('/i/auth/sudo')->withCookie('redirectNext', $request->url());
+            } 
+            if( $request->cookie('sudoMode') < Carbon::now()->subMinutes(30)->timestamp ) {
+                return redirect('/i/auth/sudo')->withCookie('redirectNext', $request->url());
+            } 
+        }
+        return $next($request);
+    }
+}
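Review bot: The sudo check in `handle()` trusts the `sudoMode` cookie as a bare timestamp and compares it loosely, so the elevated state is not bound to the authenticated user and a malformed or future-dated value is not rejected. Both `false == $request->cookie('sudoMode')` and the `<` comparison depend on PHP's string/int juggling; on PHP 8 a non-numeric string is compared as a string rather than as 0, so the age test may not fire. Cast and bound the value, e.g. `$ts = (int) $request->cookie('sudoMode');` followed by `if ($ts <= 0 || $ts > time() || $ts < Carbon::now()->subMinutes(30)->timestamp)`, which also lets the two identical redirect branches collapse into one. Integrity of the value rests on cookie encryption configured elsewhere (not visible in this commit). Keeping the confirmation time in the server-side session instead would tie it to the logged-in user and, assuming logout invalidates the session, clear it on logout.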