Laravel 5.7 email verification expiration time

Whilst the question specifically addresses Laravel 5.7, I feel that it is worth mentioning that as of Laravel 5.8, it is possible to achieve this with a config variable. My search for customising the verification expiration time returned this question as the top result, hence my addition.

If we check out Illuminate\Auth\Notifications\VerifyEmail, the verificationUrl method now looks like this:

protected function verificationUrl($notifiable)
{
    return URL::temporarySignedRoute(
        'verification.verify',
        Carbon::now()->addMinutes(Config::get('auth.verification.expire', 60)),
        ['id' => $notifiable->getKey()]
    );
}

As such, we can just add this block to config/auth.php to customise the time without needing to extend the classes or anything:

'verification' => [
    'expire' => 525600, // One year - enter as many mintues as you would like here
],

UPDATE: I've written about the above approach, as well as another on customising the process by overiding the verificationUrl method to give you more flexibility, on my blog.


In deed the options is not there in Laravel, but since laravel makes use of the following:

  • a trait MustVerifyEmail (in Illuminate\Foundation\Auth\User class extended by the main User model)

  • Event and Notification

In the MustVerifyEmail trait, there's a method called sendEmailVerificationNotification. This is where the Notification VerifyEmail class referenced by @nakov's answer and its function verificationUrl is used:

/**
 * Send the email verification notification.
 *
 * @return void
 */
public function sendEmailVerificationNotification()
{
    $this->notify(new Notifications\VerifyEmail);
}

Since we know this, we can do the following:

  • Extend the Notifications\VerifyEmail to our custom VerifyEmail class
  • override the implementation of verificationUrl
  • override the implementation of the sendEmailVerificationNotification method in the User model to use our new VerifyEmail class.

Having done the above, our User model will have the following method:

/**
 * Send the email verification notification.
 *
 * @return void
 */
public function sendEmailVerificationNotification()
{
    $this->notify(new \App\Services\Verification\VerifyEmail);
}

Now we make use of our custom VerifyEmail class. Then our new VerifyEmail class would look like this:

namespace App\Services\Verification;

use Illuminate\Support\Carbon;
use \Illuminate\Support\Facades\URL;

class VerifyEmail extends \Illuminate\Auth\Notifications\VerifyEmail
{
    protected function verificationUrl($notifiable)
    {
        return URL::temporarySignedRoute(
            'verification.verify', Carbon::now()->addMinute(3), ['id' => $notifiable->getKey()]
        );  //we use 3 minutes expiry
    }
}

Well, apart from the explanations, the process is quite straight forward. I hope it is easy to grasp. Cheers!


If you open the Illuminate\Auth\Notifications\VerifyEmail::class;

The method that generates the URL already uses expiration time which defaults to 1 hour. Unfortunately there is no option to modify that value.

/**
 * Get the verification URL for the given notifiable.
 *
 * @param  mixed  $notifiable
 * @return string
 */
protected function verificationUrl($notifiable)
{
    return URL::temporarySignedRoute(
        'verification.verify', Carbon::now()->addMinutes(60), ['id' => $notifiable->getKey()]
    );
}