Email verification is essential for user security. Laravel 5.7 makes it native with one trait. Guest policies and improved testing enhance application quality. At ZIRA Software, we implement these features in every production application.
Email Verification
Enable with one trait:
// app/User.php
use Illuminate\Contracts\Auth\MustVerifyEmail;
class User extends Authenticatable implements MustVerifyEmail
{
use Notifiable;
// That's it!
}Protect routes:
// routes/web.php
Route::get('/dashboard', function () {
// Only verified users can access
})->middleware(['auth', 'verified']);Customize email:
// app/Notifications/VerifyEmail.php
use Illuminate\Auth\Notifications\VerifyEmail as VerifyEmailBase;
class VerifyEmail extends VerifyEmailBase
{
public function toMail($notifiable)
{
$verificationUrl = $this->verificationUrl($notifiable);
return (new MailMessage)
->subject('Verify Your Email Address')
->line('Click the button below to verify your email address.')
->action('Verify Email Address', $verificationUrl);
}
}Guest Authorization Policies
Allow unauthenticated users:
// app/Policies/PostPolicy.php
class PostPolicy
{
// Before 5.7: guests always denied
// After 5.7: can return true for guests
public function view(?User $user, Post $post)
{
// Guests can view published posts
if ($post->published) {
return true;
}
// Authors can view their drafts
return $user && $user->id === $post->user_id;
}
}Usage:
// Works for both guests and authenticated users
if (Gate::allows('view', $post)) {
return view('posts.show', compact('post'));
}Testing Improvements
Dump and die in tests:
public function test_user_can_create_post()
{
$response = $this->post('/posts', [
'title' => 'Test Post',
]);
$response->dump(); // Dump response
$response->dumpHeaders(); // Dump headers
$response->dumpSession(); // Dump session
$response->assertStatus(201);
}Improved Error Messages
Better exception handling:
// Before: Generic "Class not found" error
// After: Specific binding missing error
// If PostController not bound to container:
// "Target class [App\Http\Controllers\PostController] does not exist."
Action URL Generation
Simpler controller URLs:
// Before
$url = action('PostController@show', ['post' => $post]);
// After (still supported)
$url = action([PostController::class, 'show'], ['post' => $post]);Nova Symlink Helper
Link storage for Nova:
php artisan storage:linkPaginator Links
Better pagination:
// app/Providers/AppServiceProvider.php
use Illuminate\Pagination\Paginator;
public function boot()
{
Paginator::useBootstrap(); // Use Bootstrap 4
}<!-- resources/views/posts/index.blade.php -->
{{ $posts->links() }} <!-- Beautiful Bootstrap 4 pagination -->Notification Localization
Send notifications in user's language:
$user->notify(new InvoicePaid($invoice));
// Notification automatically sent in user's preferred locale
Conclusion
Laravel 5.7 polishes essential features. Email verification, guest policies, and improved testing make building secure applications easier.
Need Laravel development or security consultation? Contact ZIRA Software for expert Laravel services.