my-projects-website/app/application/app/Http/Middleware/IsProject.php

<?php declare(strict_types=1);

namespace App\Http\Middleware;

use App\Models\Project;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

final class IsProject
{
    public function handle(Request $request, \Closure $next): Response
    {
        $project = $request->get('project');
        if (\is_null($project)) {
            \abort(Response::HTTP_NOT_FOUND);
        }

        if ($project instanceof Project === false) {
            \report("$project must be an instance of Project");
            \abort(Response::HTTP_NOT_FOUND);
        }

        if (
            $project->is_public === false
            && ( $request->user() === null || $request->user()->cannot('view', $project) )
        ) {
            \abort(Response::HTTP_FORBIDDEN);
        }

        return $next($request);
    }
}