diff --git a/Updated_Cms/app/Http/Middleware/BannedMiddleware.php b/Updated_Cms/app/Http/Middleware/BannedMiddleware.php
index 6142dbe8eb..27d1e5d11f 100644
--- a/Updated_Cms/app/Http/Middleware/BannedMiddleware.php
+++ b/Updated_Cms/app/Http/Middleware/BannedMiddleware.php
@@ -20,7 +20,9 @@ class BannedMiddleware
             ->exists();
 
         if ($request->is('logout')) {
-            return $next($request);
+            $response = $next($request);
+            assert($response instanceof Response);
+            return $response;
         }
 
         if (! $authenticated && ! $ipBan && $request->is('banned')) {
@@ -43,6 +45,8 @@ class BannedMiddleware
             }
         }
 
-        return $next($request);
+        $response = $next($request);
+        assert($response instanceof Response);
+        return $response;
     }
 }
diff --git a/Updated_Cms/app/Http/Middleware/FindRetrosMiddleware.php b/Updated_Cms/app/Http/Middleware/FindRetrosMiddleware.php
index 36dd4e9213..68ab72cbac 100644
--- a/Updated_Cms/app/Http/Middleware/FindRetrosMiddleware.php
+++ b/Updated_Cms/app/Http/Middleware/FindRetrosMiddleware.php
@@ -18,6 +18,8 @@ class FindRetrosMiddleware
             return redirect($findRetrosService->getRedirectUri());
         }
 
-        return $next($request);
+        $response = $next($request);
+        assert($response instanceof Response);
+        return $response;
     }
 }
diff --git a/Updated_Cms/app/Http/Middleware/ForceStaffTwoFactorMiddleware.php b/Updated_Cms/app/Http/Middleware/ForceStaffTwoFactorMiddleware.php
index d1451ac53d..16e5e82263 100644
--- a/Updated_Cms/app/Http/Middleware/ForceStaffTwoFactorMiddleware.php
+++ b/Updated_Cms/app/Http/Middleware/ForceStaffTwoFactorMiddleware.php
@@ -12,7 +12,9 @@ class ForceStaffTwoFactorMiddleware
     public function handle(Request $request, Closure $next): Response
     {
         if (! Auth::check() || ! setting('force_staff_2fa')) {
-            return $next($request);
+            $response = $next($request);
+            assert($response instanceof Response);
+            return $response;
         }
 
         $user = $request->user();
@@ -21,10 +23,12 @@ class ForceStaffTwoFactorMiddleware
             'user/settings/2fa-verify',
         ];
 
-        if (($user->rank >= setting('min_staff_rank') && ! $user->two_factor_confirmed) && ! in_array(request()->path(), $urls)) {
+        if ($user !== null && ($user->rank >= setting('min_staff_rank') && ! $user->two_factor_confirmed) && ! in_array(request()->path(), $urls)) {
             return to_route('settings.two-factor');
         }
 
-        return $next($request);
+        $response = $next($request);
+        assert($response instanceof Response);
+        return $response;
     }
 }
diff --git a/Updated_Cms/app/Http/Middleware/InstallationMiddleware.php b/Updated_Cms/app/Http/Middleware/InstallationMiddleware.php
index f0ec653a1f..61d449ebad 100644
--- a/Updated_Cms/app/Http/Middleware/InstallationMiddleware.php
+++ b/Updated_Cms/app/Http/Middleware/InstallationMiddleware.php
@@ -26,7 +26,7 @@ class InstallationMiddleware
 
         $installation = $this->getInstallation();
 
-        if ($installation && $installation->completed && $request->is('installation*')) {
+        if ($installation->completed && $request->is('installation*')) {
             Cache::rememberForever('app_installed', fn () => true);
 
             return to_route('welcome');
@@ -133,9 +133,8 @@ class InstallationMiddleware
 
     private function isValidStep(Request $request): bool
     {
-        $step = $this->getCurrentStep($request);
-
-        return filter_var($step, FILTER_VALIDATE_INT) !== false;
+        $raw = \Illuminate\Support\Str::after($request->path(), 'step/');
+        return filter_var($raw, FILTER_VALIDATE_INT) !== false;
     }
 
     private function isNonPostRequest(Request $request): bool