Laravel Spark User Verification

Ian Fagg
2 min readAug 8, 2017

--

Laravel 5.4 and Spark 5

Normally Spark sign ups do not require email verification because the user is signing up to pay monthly or whatever. But I needed a permanent ‘Free’ account option for my app that does not run out after a set time. It’s an important part of my app to have a free account forever, in the hope the user will eventually pay for full access.

So I needed email verification to ensure, as far as possible, my free accounts are actually legitimate email accounts. I found the great package from https://github.com/jrean that implements user verification for Laravel. However we need to make some modifications to make it work with Spark.

First purchase and install a Laravel Spark application https://spark.laravel.com/

Next install laravel-user-verification into your Spark installation, follow the instructions at https://github.com/jrean/laravel-user-verification.

OK, now we are ready to get the two working together, please note I have this working locally but not tested in production yet!

Update routes:

We need to overwrite some of Spark’s default routes, so add these to /routes/web.php

// Overwrite Spark’s Register function so we can add User Verification…
Route::post(‘/register’, ‘Auth\RegisterController@register’);
// Overwrite Spark’s login function so we can add User Verification…Route::post(‘/login’, ‘Auth\LoginController@login’);// To stop un-verified users getting a reset email…Route::post(‘/password/email’, ‘Auth\PasswordController@sendResetLinkEmail’);

Create RegisterController:

I created the RegisterController by duplicating /spark/src/Http/Controllers/Auth/RegisterController.php to /app/Http/Controllers/Auth/RegisterController.php

then updated the namespace:

namespace App\Http\Controllers\Auth;

then added the User Verification bits at the top as follows:

use Illuminate\Auth\Events\Registered;
use Jrean\UserVerification\Traits\VerifiesUsers;
use Jrean\UserVerification\Facades\UserVerification;

In the class after ‘use RedirectsUsers;’ add:

use VerifiesUsers;

In __construct change middleware guest to:

$this->middleware(‘guest’, [‘except’ => [‘getVerification’, ‘getVerificationError’]]);

And replace:

$this->redirectTo = Spark::afterLoginRedirect();

with:

$this->redirectAfterVerification = ‘/login’;

Change register function to:

public function register(RegisterRequest $request)
{
$user = Spark::interact(Register::class, [$request]);
UserVerification::generate($user);
event(new UserRegistered($user));
UserVerification::send($user, ‘verification’);
return response()->json([
‘redirect’ => ‘/login’
]);
}

Create LoginController:

I created the LoginController by adapting /spark/src/Http/Controllers/Auth/LoginController.php

/app/Http/Controllers/Auth/LoginController.php

Update Login view:

To display a warning if the user tries to login without having verified their email address we add this code to /resources/views/vendor/spark/auth/login.blade.php

@if (session('status'))
<div class="alert alert-success">
{{ session('status') }}
</div>
@endif

Create PasswordController:

I created the PasswordController by adapting /spark/src/Http/Controllers/Auth/PasswordController.php and Laravel PasswordController

/app/Http/Controllers/Auth/PasswordController.php

Update EventServiceProvider:

Add the following to the $listen array in /app/Providers/EventServiceProvider.php:

// User Verification Events...
'Jrean\UserVerification\Events\VerificationEmailSent' => [
'App\Listeners\AlertVerificationEmailSent',
],
'Jrean\UserVerification\Events\UserVerified' => [
'App\Listeners\AlertUserVerified',
],

Create AlertUserVerified listener:

For the UserVerified event which redirects with a status message after the user is verified:
/app/Listeners/AlertUserVerified.php

Create AlertVerificationEmailSent listener:

For VerificationEmailSent event:
/app/Listeners/AlertVerificationEmailSent.php

Conclusion

Now when a user signs up they should be taken to the login page with a message saying an activation email has been sent to their email address. Until they click the verification link in the email they will not be able to login, or even request a forgotten password.

I hope this helps you. If you know a better way to do any of it please let me know, I’m not an expert!

NOTE:

If necessary add specific copy for your app to the verification email:
/resources/views/vendor/laravel-user-verification/email-markdown.blade.php

--

--