How to manually unauthorize a user and submit an error?

Actually, the question is in the title. I do manual authorization (and registration) of the user.
The idea is this: in the database, each user has a column "verify" , in it, respectively, either true or false.
In the model, I send a request to the database, in the controller I use.

So, I have two questions:
1. Is this correct from the point of view of architecture?
Because, in fact, the check should probably occur at the expense of the middlewire, and not the controller.
2. How can I "unauthorize" a user and display an error?

public function authenticated(Request $request, $user)
  {
    $credentials = $request->only('email','password');
      if (Auth::attempt($credentials) && User::isVerify($request->input('email'))) {
          Auth::login($user, true);
      } else {
      	Auth::logout();
      	redirect('/login')->withErrors(['user_not_verified' => "Ошибка: неподтверждённый пользователь!"]);
      }
  }