false]); Notification::fake(); $this->post('/register', [ 'username' => 'testuser', 'first_name' => 'Test', 'last_name' => 'User', 'email' => 'test@example.com', 'password' => 'password123', 'password_confirmation' => 'password123', ]); Notification::assertNothingSent(); }); it('sends verification email when feature is enabled', function () { config(['auth-ui.features.email_verification' => true]); Notification::fake(); $this->post('/register', [ 'username' => 'testuser', 'first_name' => 'Test', 'last_name' => 'User', 'email' => 'test@example.com', 'password' => 'password123', 'password_confirmation' => 'password123', ]); $user = User::where('email', 'test@example.com')->first(); Notification::assertSentTo($user, VerifyEmail::class); }); it('shows verification notice to unverified users when feature is enabled', function () { config(['auth-ui.features.email_verification' => true]); $user = User::factory()->unverified()->create(); $this->actingAs($user) ->get('/email/verify') ->assertSuccessful(); }); it('redirects verified users from verification notice', function () { config(['auth-ui.features.email_verification' => true]); $user = User::factory()->create(); $this->actingAs($user) ->get('/email/verify') ->assertRedirect('/dashboard'); }); it('verifies email with valid signed url', function () { config(['auth-ui.features.email_verification' => true]); $user = User::factory()->unverified()->create(); $verificationUrl = URL::temporarySignedRoute( 'verification.verify', now()->addMinutes(60), ['id' => $user->id, 'hash' => sha1($user->email)] ); $this->actingAs($user) ->get($verificationUrl) ->assertRedirect('/dashboard'); expect($user->fresh()->hasVerifiedEmail())->toBeTrue(); }); it('rejects verification with invalid hash', function () { config(['auth-ui.features.email_verification' => true]); $user = User::factory()->unverified()->create(); $verificationUrl = URL::temporarySignedRoute( 'verification.verify', now()->addMinutes(60), ['id' => $user->id, 'hash' => sha1('wrong@email.com')] ); $this->actingAs($user) ->get($verificationUrl) ->assertForbidden(); expect($user->fresh()->hasVerifiedEmail())->toBeFalse(); }); it('allows resending verification email', function () { config(['auth-ui.features.email_verification' => true]); Notification::fake(); $user = User::factory()->unverified()->create(); $this->actingAs($user) ->post('/email/verification-notification') ->assertRedirect() ->assertSessionHas('status', 'verification-link-sent'); Notification::assertSentTo($user, VerifyEmail::class); }); it('does not register verification routes when feature is disabled', function () { config(['auth-ui.features.email_verification' => false]); $user = User::factory()->unverified()->create(); $this->actingAs($user) ->get('/email/verify') ->assertNotFound(); }); it('redirects to verification notice after registration when feature is enabled', function () { config(['auth-ui.features.email_verification' => true]); Notification::fake(); $this->post('/register', [ 'username' => 'newuser', 'first_name' => 'New', 'last_name' => 'User', 'email' => 'new@example.com', 'password' => 'password123', 'password_confirmation' => 'password123', ])->assertRedirect('/email/verify'); }); it('redirects to home after registration when feature is disabled', function () { config(['auth-ui.features.email_verification' => false]); $this->post('/register', [ 'username' => 'newuser', 'first_name' => 'New', 'last_name' => 'User', 'email' => 'new@example.com', 'password' => 'password123', 'password_confirmation' => 'password123', ])->assertRedirect('/dashboard'); });