How to make Signed route invalid after use means how to make link which use only once
current code is like below
URL::signedRoute('email.verify', ['id' => $user->id], now()->addMinutes(30))
-
1SignedRoute does not have that feature, but include your email verify logic and maybe we can tweek that to be one time usemrhn– mrhn2020-07-17 09:26:02 +00:00Commented Jul 17, 2020 at 9:26
Add a comment
|
2 Answers
You can use the below logic as per your requirement.
Generate a temporary signed route URL that expires, you may use the temporarySignedRoute method
use Illuminate\Support\Facades\URL;
return URL::temporarySignedRoute(
'email/verify', now()->addMinutes(30), ['user' => 1]
);
To verify that an incoming request has a valid signature, you should call the hasValidSignature method on the incoming Request.
use Illuminate\Http\Request;
Route::get('/email/verify/{user}', function (Request $request) {
if (!$request->hasValidSignature()) {
abort(401);
}
// ...
});
Comments
If you look at how the framework does this for the temporary signed route for the initial user verification email. You should see it can be quite easy for your case too.
Framework:
/**
* Get the verification URL for the given notifiable.
*
* @param mixed $notifiable
* @return string
*/
protected function verificationUrl($notifiable)
{
return URL::temporarySignedRoute(
'verification.verify',
Carbon::now()->addMinutes(Config::get('auth.verification.expire', 60)),
[
'id' => $notifiable->getKey(),
'hash' => sha1($notifiable->getEmailForVerification()),
]
);
}
Yours:
URL::temporarySignedRoute(
'email.verify',
now()->addMinutes(30),
['id' => $user->id],
);
