Qore.works Business

Appearance

Email verification feature

Setup

1. Enable feature in config

Before delving into the code, make sure this feature is enabled in the config. By default, the feature is enabled, and can be found in config/portal.php. Look for the features.email_verification key, and make sure its set to true

2. Check email verification routes

Three routes are needed for this feature to work. These routes can be found in the latest portal/routes/application.php.stub. These files are automatically copied to your project when creating the application, they might not be up to date with the latest version however. The latest version should look something like this

php
    // Email Verification...
    if ($this->application->features()->emailVerification()) {
        Route::get($this->application->config('paths.verification.notice', '/email/verify'), [EmailVerificationController::class, 'notice'])
            ->middleware([$authMiddleware])
            ->name('verification.notice');

        Route::get($this->application->config('paths.verification.verify', '/email/verify/{id}/{hash}'), [EmailVerificationController::class, 'verify'])
            ->middleware(['signed', 'throttle:' . $verificationLimiter])
            ->name('verification.verify');

        Route::post($this->application->config('paths.verification.send', '/email/verification-notification'), [EmailVerificationController::class, 'send'])
            ->middleware([$authMiddleware, 'throttle:' . $verificationLimiter])
            ->name('verification.send');
    }

3. Implement MustVerifyEmail trait in User model

Make sure to add the HasVerifyEmailNotification trait to the user model so it will receive an email to verify its email address before being allowed to access the platform.

QoreAdminBaseUser implements the required sendEmailNotification method, but it uses an incompatible implementation. If you see errors like this Route [verification.verify] does not exist, then you probably forgot to use the HasVerifyEmailNotification trait.

php
use QoreWorksBusiness\QoreFrontend\Concerns\HasVerifyEmailNotification;

class User extends QoreAdminBaseUser implements MustVerifyEmail
{
    use HasVerifyEmailNotification;
}

Configuring views, redirects and routes

The base implementation of the EmailVerificationController allows for a bit of configuring. This reduces the need to create your own controllers, but feel free to do so if you need it.

Configuring notice response

If the user is already verified, the controller will send a redirect to the user. The redirect route can be modified by changing the verification.notice key in the config/portal.php file. By default, it redirects the user to the portal dashboard.

The controller returns the auth.verify-email view, which can be modified by changing the views.verification.notice key in the config/portal.php file. If you wish to return something other than a view, you can override the implementation of VerifyEmailViewResponse.

php
use QoreWorksBusiness\QoreFrontend\Integrations\Portal\Http\Responses\VerifyEmailViewResponse;

class AppServiceProvider {
    public function boot() {
        app()->bind(VerifyEmailViewResponse::class, YourClass::class);
    }
}

Configuring verify response

The controller returns the auth.verified-email view, which can be modified by changing the views.verification.verify key in the config/portal.php file. If the user is verified, it will still return this view.

The controller supports a REST-api like response aswell. If the accepted header is set to application/json it will return a JSON response with varying status codes instead.
Status 201 is returned if the user is verified successfully.
Status 204 is returned if the user is already verified.

If you wish to return something other than a view or json response, you can override the implementation of VerifyEmailResponse.

php
use QoreWorksBusiness\QoreFrontend\Integrations\Portal\Http\Responses\VerifyEmailResponse;

class AppServiceProvider {
    public function boot() {
        app()->bind(VerifyEmailResponse::class, YourClass::class);
    }
}

Configuring resend-email response

If the user is already verified, the controller will send a redirect to the user. The redirect route can be modified by changing the verification.send key in the config/portal.php file. By default, it redirects the user to the portal dashboard.

The controller returns a redirect to the verification.notice on success.

The controller supports a REST-api like response aswell. If the accepted header is set to application/json it will return a JSON response with varying status codes instead.
Status 201 is returned if the notification has been sent.
Status 204 is returned if the user is already verified.

If you wish to return something other than a view or json response, you can override the implementation of VerifyEmailResponse.

php
use QoreWorksBusiness\QoreFrontend\Integrations\Portal\Http\Responses\EmailVerificationNotificationSentResponse;

class AppServiceProvider {
    public function boot() {
        app()->bind(EmailVerificationNotificationSentResponse::class, YourClass::class);
    }
}