Add auto-login option after verification

Author: jrean

README.md

@@ -345,6 +345,20 @@ php artisan vendor:publish --provider="Jrean\UserVerification\UserVerificationSe
 
 This will add `laravel-user-verification/en/user-verification.php` to your vendor folder. By creating new language folders, like `de` or `fr` and placing a `user-verification.php` with the translations inside, you can add translations for other languages. You can find out more about localization in the [Laravel documentation](https://laravel.com/docs/5.3/localization).
 
+### Auto-login
+
+If you wish to automaticaly log in the user after the verification process, update the package config file `user-verification.php` in the config directory and replace the following:
+
+```PHP
+'auto-login' => false,
+```
+
+by:
+
+```PHP
+'auto-login' => true,
+```
+
 ### Customize
 
 You can customize the package behaviour by overriding/overwriting the

src/Traits/VerifiesUsers.php

@@ -30,7 +30,7 @@ public function getVerification(Request $request, $token)
         }
 
         try {
-            UserVerificationFacade::process($request->input('email'), $token, $this->userTable());
+            $user = UserVerificationFacade::process($request->input('email'), $token, $this->userTable());
         } catch (UserNotFoundException $e) {
             return redirect($this->redirectIfVerificationFails());
         } catch (UserIsVerifiedException $e) {
@@ -39,6 +39,10 @@ public function getVerification(Request $request, $token)
             return redirect($this->redirectIfVerificationFails());
         }
 
+        if (config('user-verification.auto-login') === true) {
+            auth()->loginUsingId($user->id);
+        }
+
         return redirect($this->redirectAfterVerification());
     }
 

src/UserVerification.php

@@ -250,19 +250,23 @@ protected function emailLaterVerificationLink(
      * @param  string  $email
      * @param  string  $token
      * @param  string  $userTable
-     * @return void
+     * @return stdClass
      */
     public function process($email, $token, $userTable)
     {
         $user = $this->getUserByEmail($email, $userTable);
 
+        unset($user->{"password"});
+
         // Check if the given user is already verified.
         // If he is, we stop here.
         $this->isVerified($user);
 
         $this->verifyToken($user->verification_token, $token);
 
         $this->wasVerified($user);
+
+        return $user;
     }
 
     /**

src/config/user-verification.php

@@ -12,9 +12,21 @@
     | Supported: "default", "markdown"
     |
     */
-
     'email' => [
         'type' => 'default',
     ],
 
+    /*
+    |--------------------------------------------------------------------------
+    | Log the user in after verification
+    |--------------------------------------------------------------------------
+    |
+    | This option defines if the user should be loged in after verification.
+    | USE WITH CAUTION as it may introduce security issues in your app.
+    |
+    | Supported: (bool) "true", "false"
+    |
+    */
+    'auto-login' => false,
+
 ];