postJson('/api/auth/register', [ 'username' => 'new-user', 'email' => 'new-user@example.com', 'password' => 'Password1!', 'password_confirmation' => 'Password1!', 'device_name' => 'iphone', ])->assertCreated(); $user = User::where('email', 'new-user@example.com')->firstOrFail(); expect($user->hasVerifiedEmail())->toBeFalse(); Notification::assertSentTo($user, VerifyEmailNotification::class, function (VerifyEmailNotification $notification) use ($user) { $mail = $notification->toMail($user); expect($mail->subject)->toBe('Vérifie ton adresse email') ->and($mail->render())->toContain('Vérifier mon email'); return true; }); }); it('resends a verification email for an authenticated unverified user', function () { Notification::fake(); $user = User::factory()->unverified()->create(); Sanctum::actingAs($user); $this->postJson('/api/auth/email/verification-notification') ->assertOk() ->assertJsonPath('message', __('auth.email_verification_sent')); Notification::assertSentTo($user, VerifyEmailNotification::class); }); it('verifies the user email from a signed verification link', function () { $user = User::factory()->unverified()->create(); $verificationUrl = URL::temporarySignedRoute( 'verification.verify', now()->addMinutes(60), [ 'id' => $user->getKey(), 'hash' => sha1($user->getEmailForVerification()), ], ); $this->getJson($verificationUrl) ->assertOk() ->assertJsonPath('message', __('auth.email_verified')); expect($user->fresh()->hasVerifiedEmail())->toBeTrue(); }); it('shows a confirmation page when the verification link is opened in a browser', function () { $user = User::factory()->unverified()->create(); $verificationUrl = URL::temporarySignedRoute( 'verification.verify', now()->addMinutes(60), [ 'id' => $user->getKey(), 'hash' => sha1($user->getEmailForVerification()), ], ); $this->get($verificationUrl) ->assertOk() ->assertSeeText('Email vérifié') ->assertSeeText("Ton adresse email a bien été validée. Tu peux maintenant retourner sur l'application.", false); }); it('blocks verified routes for authenticated unverified users', function () { $user = User::factory()->unverified()->create(); Sanctum::actingAs($user); $this->getJson('/api/hunts')->assertForbidden(); });