I have an auth middleware, and checking if a request path starts with /admin and a user should have a valid cookie, else it should redirect to the home page, where the user can login.

It works great if typed the URL. If I used links, it just bypasses this middleware all together.

How to make sure the middleware is called before routing?