From 0e23b6afa4d1d8b440ce7696a23fa770b4f7e5e3 Mon Sep 17 00:00:00 2001
From: Thom Hurks <thomhurks@gmail.com>
Date: Wed, 5 Sep 2018 00:45:50 +0200
Subject: [PATCH] Allow email verification middleware to work with API routes

Currently if you apply the email verification middleware to an API route (XHR) you get strange/broken behaviour because of the redirect.
So, when the request expects JSON, just return a 403. This solves my issues.
---
 src/Illuminate/Auth/Middleware/EnsureEmailIsVerified.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/Illuminate/Auth/Middleware/EnsureEmailIsVerified.php b/src/Illuminate/Auth/Middleware/EnsureEmailIsVerified.php
index f9ee4babce57..54b8c7ff3807 100644
--- a/src/Illuminate/Auth/Middleware/EnsureEmailIsVerified.php
+++ b/src/Illuminate/Auth/Middleware/EnsureEmailIsVerified.php
@@ -13,14 +13,18 @@ class EnsureEmailIsVerified
      *
      * @param  \Illuminate\Http\Request  $request
      * @param  \Closure  $next
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
      */
     public function handle($request, Closure $next)
     {
         if (! $request->user() ||
             ($request->user() instanceof MustVerifyEmail &&
             ! $request->user()->hasVerifiedEmail())) {
-            return Redirect::route('verification.notice');
+            if ($request->expectsJson()) {
+                abort(403, 'Your email address is not verified.');
+            } else {
+                return Redirect::route('verification.notice');
+            }
         }
 
         return $next($request);