service-captcha/app/Http/Middleware/EnsureUserIsVerified.php

<?php declare(strict_types=1);

namespace App\Http\Middleware;

use Closure;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Support\Facades\Redirect;
use Illuminate\Support\Facades\URL;

final class EnsureUserIsVerified
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string|null  $redirectToRoute
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse|null
     */
    public function handle($request, Closure $next, $redirectToRoute = null)
    {
        if (! $request->user()) {
            return $request->expectsJson()
                ? abort(403)
                : Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));
        }


        if ($request->user() instanceof MustVerifyEmail && ! $request->user()->hasVerifiedEmail()) {
            return $request->expectsJson()
                ? abort(403, 'Your email address is not verified.')
                : Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));
        }

        if ($request->user()->is_active === false) {
            return $request->expectsJson()
                ? abort(403, 'User disabled.')
                : Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));
        }

        return $next($request);
    }
}
Modified the Middleware Kernel to use a new method for request throttling that uses Redis and created a new middleware to ensure that user email is verified. These changes allow for more efficient request throttling by utilizing Redis. The new EnsureUserIsVerified middleware improves security by validating that a user's email has been verified or if the user is active before granting access, returning a 403 error if the user fails these checks. 2023-07-06 19:52:39 +06:00			`<?php declare(strict_types=1);`

			`namespace App\Http\Middleware;`

			`use Closure;`
			`use Illuminate\Contracts\Auth\MustVerifyEmail;`
			`use Illuminate\Support\Facades\Redirect;`
			`use Illuminate\Support\Facades\URL;`

			`final class EnsureUserIsVerified`
			`{`
			`/**`
			`* Handle an incoming request.`
			`*`
			`* @param \Illuminate\Http\Request $request`
			`* @param \Closure $next`
			`* @param string\|null $redirectToRoute`
			`* @return \Illuminate\Http\Response\|\Illuminate\Http\RedirectResponse\|null`
			`*/`
			`public function handle($request, Closure $next, $redirectToRoute = null)`
			`{`
			`if (! $request->user()) {`
			`return $request->expectsJson()`
			`? abort(403)`
			`: Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));`
			`}`


			`if ($request->user() instanceof MustVerifyEmail && ! $request->user()->hasVerifiedEmail()) {`
			`return $request->expectsJson()`
			`? abort(403, 'Your email address is not verified.')`
			`: Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));`
			`}`

			`if ($request->user()->is_active === false) {`
			`return $request->expectsJson()`
			`? abort(403, 'User disabled.')`
			`: Redirect::guest(URL::route($redirectToRoute ?: 'verification.notice'));`
			`}`

			`return $next($request);`
			`}`
			`}`