Nowadays most of the modern applications force their users to verify the ownership by sending an activation email after they complete the account registration. Moving ahead, with the release of Laravel 5.7 the user email verification is shipping with the framework out of the box. People were creating the custom feature to implement this before the version 5.7.
This feature now makes easier to implement email verification on each application people build by using the Laravel framework.

In this article, we're implementing the complete email verification process in depth. We're going to achieve the verification feature by using the standard framework code without doing any modification.

Preview:

Let's start the coding together.

Auth Scaffolding

Let's start with publishing the default auth scaffoldings by using the artisan command.

After publishing the necessary files, we don't have to worry about the routes, views, controllers required for authentication, as they ship with the framework, but you can always customize them if needed.

php artisan make:auth

Database

The new class is introduced in the framework to implement the email verification system.

So, now the App\User model should implement the Illuminate\Contracts\Auth\MustVerifyEmail contract.

<?php

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable implements MustVerifyEmail
{
    // ...
}

What we changed was adding:

implements MustVerifyEmail

// this part was added by default (version 5.7)
use Illuminate\Contracts\Auth\MustVerifyEmail;

We need to add one more field email_verified_at to the user's table to store the verified timestamp when a user clicks the activation link sent to their email address. (This part been taking care of by version 5.7)

Schema::create('users', function (Blueprint $table) {
        $table->increments('id');
        $table->string('name');
        $table->string('email')->unique();
        $table->timestamp('email_verified_at')->nullable();
        $table->string('password');
        $table->rememberToken();
        $table->timestamps();
});

Routing

A new controller Auth\VerificationController class is introduced to handle the necessary logic to send an email verification link to the user's email address.

Also, register the verification routes by passing the parameter like below.

// before
Auth::routes();

// after
Auth::routes(['verify' => true]);

Middleware

A new middleware Illuminate\Auth\Middleware\EnsureEmailIsVerified class is introduced to protect the routes from being accessed by the unauthorized users.

You can have a look at the Kernel.php to see the registered middleware. (added by default, version 5.7)

protected $routeMiddleware = [
  ...
  'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];

Also, you may want to protect other routes, like profile, the dashboard to non-activated users by attaching the middleware on routes. (sample code from preview video)

Route::get('/home', 'HomeController@index')->name('home')->middleware('verified');

Views

The necessary views for login, register, and email verification are created inside resources/views/auth directory when you publish the auth scaffoldings.

After Verification

After the successful verification, the application redirects a user to the /home page by default.

You are free to customize the redirect location by defining a redirectTo method or property on the VerificationController.php.

protected $redirectTo = '/dashboard';

That's all you had to do now you can have email verification in your app.