I’ve implemented Laravel-5.8 email verification following this tutorial: https://laravel.com/docs/5.8/verification. I’m trying to protect few routes from email unverified users as like below:
Route::group(['middleware' => ['verified']], function () { Route::get('/dashboard', 'DashboardController@dashboard')->name('dashboard'); Route::get('/backend', 'DashboardController@backend')->name('backend'); });
But I can access to dashboard
without verifying my email address.
How can I prevent this access without verifying email?
Advertisement
Answer
This is generally a pretty simple thing to get up and running, you may have a small mistake in your application somewhere, so here’s a checklist to quickly go over.
Does the user you’re testing have a null
email_verified_at
field in the database?Have you added
implements MustVerifyEmail
within the user model?
class User extends Authenticatable implements MustVerifyEmail
- Did you set verify to true in your
routes/web.php?
Auth::routes(['verify' => true]);
You’ve added the middleware properly to the routes, so that isn’t the issue.
Other than that we don’t have much information to go off.