With version 5.7, Laravel comes with out of box User Email Verification and Account Activation. In this tutorial we will learn step by step how we can configure Email Verification in Laravel 5.7.
Before we start with the steps, Make sure you have following ready.
- Laravel Project setup version >= 5.7
- Laravel Project connected to the database.
- Laravel Default Authentication scaffolding generated.
Alright, Let’s dive into the steps.
Prepare your User Model to Enable Email Verification
To enable email verification, the first step is to modify your User.php model class to implement contract MustVerifyEmail
Use coupon 5balloons on this Cloudways Affiliate URL to get special discount.
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable implements MustVerifyEmail
{
use Notifiable;
// ...
}
Database Changes
For Laravel Email Verification to work it must include an additional column in your user table in the database. User table is created in the database as part of the Laravel defualt Authentication scaffolding.
In order for Laravel to include the additional column go to your Terminal, Navigate to project root and execute the following command.
php artisan migrate:refresh
This will create an additional column email_verified_at
in your user table.
Route Changes
Next up, there are some changes that needs to be made in the route file located at resources > web.php
Auth::routes(['verify' => true]);
With this change an email will be sent to user email account when a new user registers on your Laravel Application.
The verification email looks like below.
But we are not done yet.
Protecting Routes
Next, we need to protect the routes from being accessed from unverified user accounts. For this we will make use of verified middleware
provided by Laravel.
Apply this middleware to routes or controller which you want to prevent from unverified users.
Route::get('profile', function () {
// Only verified users may enter...
})->middleware('verified');
Following message appears on the protected routes for unverified users.
That’s it !