#54 - mail verification (#57)

* Add verified middleware * Add resend verification mail and must verify mail to access user dashboard * Fix code style * Add tests for unverifiedUser * Apply suggestions from code review Co-authored-by: Kamil Piech <[email protected]> * Fix misspelled word * Add redirect to home page if user tries to verify email via mail and is not logged in. Add automatic log in after registration --------- Co-authored-by: Kamil Piech <[email protected]>
blumilksoftware · Aug 30, 2024 · 9986a09 · 9986a09
1 parent d600a31
commit 9986a09
Show file tree

Hide file tree

Showing 5 changed files with 59 additions and 4 deletions.
diff --git a/app/Http/Controllers/RegisterUserController.php b/app/Http/Controllers/RegisterUserController.php
@@ -8,6 +8,7 @@
 use App\Models\User;
 use Illuminate\Auth\Events\Registered;
 use Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Redirect;
 
@@ -22,6 +23,7 @@ public function store(RegisterUserRequest $request): RedirectResponse
             $user->password = Hash::make($request->password);
             $user->save();
             event(new Registered($user));
+            Auth::login($user);
         }
 
         return Redirect::route("home");

diff --git a/database/factories/UserFactory.php b/database/factories/UserFactory.php
@@ -49,4 +49,13 @@ public function superAdmin(): static
             $user->syncRoles("super_admin");
         });
     }
+
+    public function unverifiedUser(): static
+    {
+        return $this->state(function (array $attributes) {
+            return [
+                "email_verified_at" => null,
+            ];
+        });
+    }
 }
diff --git a/resources/js/Pages/Auth/Verify-Email.vue b/resources/js/Pages/Auth/Verify-Email.vue
@@ -0,0 +1,26 @@
+<script setup lang="ts">
+
+import {useForm} from '@inertiajs/vue3'
+
+const form = useForm({})
+
+function logout() {
+  form.get('/auth/logout')
+}
+
+function sent() {
+  form.post('/email/verification-notification')
+}
+
+</script>
+
+<template>
+  <form @submit.prevent="sent">
+    <button type="submit">Wyślij ponownie link weryfikacyjny</button>
+  </form>
+
+  <form @submit.prevent="logout">
+    <button type="submit">Logout</button>
+  </form>
+</template>
+
diff --git a/routes/web.php b/routes/web.php
@@ -23,8 +23,9 @@
 use Illuminate\Support\Facades\Route;
 
 Route::get("/email/verify", [EmailVerifyController::class, "create"])->middleware("auth")->name("verification.notice");
-Route::get("/email/{id}/{hash}", EmailVerifyController::class)->middleware(["signed", "throttle:6,1"])->name("verification.verify");
-Route::post("email/verification-notification", [EmailVerifyController::class, "send"])->middleware("auth", "throttle:6,1")->name("verification.send");
+Route::get("/email/{id}/{hash}", EmailVerifyController::class)->middleware(["auth", "throttle:6,1"])->name("verification.verify");
+Route::post("/email/verification-notification", [EmailVerifyController::class, "send"])->middleware("auth", "throttle:3,60")->name("verification.send");
+Route::get("/auth/logout", [AuthenticateSessionController::class, "logout"])->middleware("auth")->name("logout");
 
 Route::middleware(["guest"])->group(function (): void {
     Route::get("/", [ContestController::class, "index"])->name("home");
@@ -35,9 +36,8 @@
     Route::post("/auth/forgot-password", [PasswordResetLinkController::class, "store"])->name("password.email");
 });
 
-Route::middleware("auth")->group(function (): void {
+Route::middleware(["auth", "verified"])->group(function (): void {
     Route::get("/dashboard", [ContestController::class, "create"])->name("dashboard");
-    Route::get("/auth/logout", [AuthenticateSessionController::class, "logout"])->name("logout");
     Route::get("/profile", [ProfileUserController::class, "create"])->name("profile");
     Route::patch("/profile/password", [ProfileUserController::class, "update"])->name("profile.password.update");
 });

diff --git a/tests/Feature/AuthenticateSessionTest.php b/tests/Feature/AuthenticateSessionTest.php
@@ -58,4 +58,22 @@ public function testUserCanNotLoginWithEmptyEmailAndPassword(): void
             ->assertRedirect("/test")
             ->assertSessionHasErrors(["email" => "Pole e-mail jest wymagane.", "password" => "Pole hasło jest wymagane."]);
     }
+
+    public function testUnverifiedUserCanLogin(): void
+    {
+        User::factory()->unverifiedUser()->create(["email" => "[email protected]", "password" => "goodPassword"]);
+        $this->from("/")->post("/auth/login", [
+            "email" => "[email protected]",
+            "password" => "goodPassword",
+        ])
+            ->assertRedirect("/dashboard");
+    }
+
+    public function testUnverifiedUserIsRedirectedToVerifyEmail(): void
+    {
+        $user = User::factory()->unverifiedUser()->create();
+        $this->actingAs($user)
+            ->get("/dashboard")
+            ->assertRedirect("/email/verify");
+    }
 }