When I click the email verification link sended by laravel to my gmail it redirects me to the page which says - 403 This action is unauthorized

Question

In my laravel project, i created the authentication successfully. register, login, and logout works fine. i did made the email verification, it sends the verification email to the user successfully. but when i click the verification email sended to my gmail by laravel, it redirects me to a page which says: 403 This action is unauthorized.

I am using Laravel 7.

my routes in web.php file

Route::get('/', function () {
    return redirect(app()->getLocale());
});

Route::get('email/verify', 'Auth\VerificationController@show')->name('verification.notice');
Route::get('email/verify/{id}', 'Auth\VerificationController@verify')->name('verification.verify');
Route::post('email/resend', 'Auth\VerificationController@resend')->name('verification.resend');

Route::group([
    "prefix" => "{language}",
    'where' => ['locale' => '[a-zA-Z]{2}'],
    'middleware' => 'setlocale'
], function () {    
    Auth::routes();

    Route::get('/home', 'HomeController@index')->name('home');
});

I set the email verification routes manually, because priviously when i set the

Auth::routes(['verify' => true]);

I got an error, so i set the email verification outside the route group manually to fix that error.

In verify.blade.php the resend verification email also works fine, it resends the verification email successfully.

Elias Burhan · Answer 1 · 2020-05-10T14:04:14.670

I have solved the problem. the problem was that verification.verify route was wrong,

when you set the

Auth::routes(['verify' => true]);

the actual verification.verify route is like this

email/verify/{id}/{hash}

The verification.verify route calls verify method which is located in vendor\laravel\ui\auth-backend\VerifiesEmails.php In this method there are two if statements which throws AuthorizationException which causes 403 This action is unauthorized page. The first if checks the route user id with the current authenticated user id, and the second if checks the route hash with the current authenticated user hash.

And make soure to configure your trusted proxies correctly. check in laravel documentation click here.

I hope this help you.

score -1 · Answer 2 · answered Apr 17 '21 at 09:34

-1

I my case I was clicking the wrong 'verify email url' Because my all verfication emails in google were accumulating under same 'Subject' so instead of clicking the last email, I was clicking the first email

answered Apr 17 '21 at 09:34

Naveed Ali

361
3
12

When I click the email verification link sended by laravel to my gmail it redirects me to the page which says - 403 This action is unauthorized

2 Answers2