PHP

How to close access to the admin panel on a site with MVC?

Hello, there was a problem accessing the admin panel. At the moment, to get into the AP, you need to have the admin role in the database (a check is being made and all the rules are in progress). But now you need to make it so that you can only go through apache authorization with a password in the AP.
In the root folder there is .htaccess with the following code:

AddDefaultCharset utf-8

RewriteEngine on
RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule ^(.*)$ index.php

The root index.php itself has the following code:

<?php

// FRONT CONTROLLER

ini_set('display_errors',1);
error_reporting(E_ALL);

session_start();

// Подключение файла
define('ROOT', dirname(__FILE__));

// Автозагрузка классов
require_once(ROOT.'/components/Autoload.php');


// Роутер
$router = new Router();
$router->run();

Well, in the router, all paths are created. And because of this, the above .htaccess applies to all folders. I tried to create a second .htaccess with this code:

AddDefaultCharset utf-8

AuthType Basic
AuthName "Admin Panel"
AuthUserFile C:\Open\OSPanel\domains\web\views\admin\.htpasswd
Require valid-user

RewriteRule ^(.*)$ index.php

in a folder in view/admin.



But, it doesn't work.
There is an idea to make a check in the router if the /admin URL is encountered, create this .htaccess file that would block access. But I don't know how to implement it.
Or where should the .htaccess file be located so that when you go to /admin, access is denied to everyone?