sherwinmdev's avatar

modify auth middleware to force a user logout in laravel 5.4?

i need a way to force a logged in user to get logged out. i have a field users.is_active that takes 'Y' or 'N' values. as admin, i can modify that value. if i change the value to 'N' and they have an active session, i'd like for them to get logged out as soon as the auth middleware is invoked again.

i'd like to implement this http://stackoverflow.com/a/37876712/3893181 but the auth middleware is now located in Illuminate\Auth\Middleware\Authenticate. do i copy it in /app/Http/Middleware/Authenticate.php and add my conditional statement?

i want the default functionality to continue to work but add that extra check.

ricardoarg's avatar

just create ANOTHER middleware that checks that field in the logged in user. If it's "N", then do the logout, or redirect:

artisan make:middleware CheckIsActive

then in \app\http\Kernel.php, in the $routeMiddleware array, add:

'isActive' => \App\Http\Middleware\CheckIsActive::class,

then in \app\http\Middleware\CheckIsActive.php, something like this in the handle method (just use boolean and not N/Y, but whatever..):

        // is_active == 'N' means the admin has deactivated this account
        if ($request->user()->is_active == 'N') {
            //logout, redirect wherever you want, etc.
        }
        return $next($request);

then, you apply that middleware to the routes you want. if it's applicable to all the routes, you could do something like this in web.php

Route::group(['middleware' => 'isActive'], function () {
    //all your protected routes
});
sherwinmdev's avatar

@ricardoarg thanks, i was hoping to just attach to the existing auth middleware but this works as well. i created a middleware and added it to the web middleware group. i was trying to add it to the global but i guess auth status can't be determined at that stage. the middleware should only logout users who are logged in and have a is_active != 'Y'. otherwise it should allow the next request. here's the code i ended up with.

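    // needs at the top of the middleware class file:
    //   use Closure;
    //   use Illuminate\Support\Facades\Auth;
    public function handle($request, Closure $next)
    {
        // only act on logged-in users; guests go straight to the next middleware
        if (Auth::check())
        {
            // anything other than 'Y' counts as deactivated
            if (Auth::user()->is_active != 'Y')
            {
                Auth::logout();
                return redirect()->to('/')->with('warning', 'Your session has expired because your account is deactivated.');
            }
        }
        return $next($request);
    }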
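
The middleware from this thread written out as a full class, as an added example that is not code from either poster. It assumes Laravel 5.4, the default session guard and the users.is_active 'Y'/'N' column from the question; beyond the posted code it also invalidates the session on deactivation and returns a 401 to JSON clients, and the JSON error body is a constructed sample.

```php
<?php
// Added example, not code from the thread. Assumes Laravel 5.4, the default
// session guard, and the users.is_active 'Y'/'N' column described above.

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;

class CheckIsActive
{
    public function handle($request, Closure $next)
    {
        $user = Auth::user();

        // Guests pass through untouched; the auth middleware still decides
        // which routes require a login.
        if ($user === null || $user->is_active === 'Y') {
            return $next($request);
        }

        // Anything other than 'Y' (including NULL or an unexpected value)
        // is treated as deactivated, so the check fails closed.
        Auth::logout();

        // Drop the session data and issue a new session ID and CSRF token so
        // nothing from the deactivated user's session can be reused.
        $request->session()->invalidate();
        $request->session()->regenerateToken();

        // AJAX/API-style callers get a status code instead of a redirect.
        if ($request->expectsJson()) {
            return response()->json(['error' => 'Account deactivated.'], 401);
        }

        return redirect()->to('/')
            ->with('warning', 'Your session has expired because your account is deactivated.');
    }
}

// app/Http/Kernel.php: append to the 'web' group so it runs after StartSession:
//     \App\Http\Middleware\CheckIsActive::class,
```

Because the check runs on every request in the web group, a deactivated user is cut off on their next page load rather than when their session would otherwise expire.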