From d7e893e4ab2ca2a085aad0432b0fb6f4f1c220d9 Mon Sep 17 00:00:00 2001 From: smarcet Date: Wed, 15 Apr 2026 18:13:59 -0300 Subject: [PATCH 1/2] fix(ui): unverified user --- resources/js/login/login.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/js/login/login.js b/resources/js/login/login.js index c55a4b91..a5f0ea06 100644 --- a/resources/js/login/login.js +++ b/resources/js/login/login.js @@ -617,7 +617,7 @@ class LoginPage extends React.Component { }, function () { //Once the state is updated, it's now possible to trigger emitOtpAction. //No need to wait for the component to update. - if (!response.has_password_set) { + if (!response.has_password_set && response.is_verified !== false) { this.emitOtpAction(); } }); From 8337eea5923d9072dc0fe3b177de0959494e038a Mon Sep 17 00:00:00 2001 From: smarcet Date: Wed, 15 Apr 2026 18:34:52 -0300 Subject: [PATCH 2/2] fix(auth): null check before calling getId() in verifyEmail Split combined null/inactive check into separate guards to prevent "Call to a member function getId() on null" when no user is found for the verification token. --- app/Services/Auth/UserService.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/app/Services/Auth/UserService.php b/app/Services/Auth/UserService.php index 4910a878..f4df159d 100644 --- a/app/Services/Auth/UserService.php +++ b/app/Services/Auth/UserService.php @@ -225,7 +225,12 @@ public function verifyEmail(string $token): User return $this->tx_service->transaction(function () use ($token) { $user = $this->user_repository->getByVerificationEmailToken($token); - if (is_null($user) || !$user->isActive()) { + if (is_null($user)) { + Log::warning("UserService::verifyEmail no user found for token"); + throw new EntityNotFoundException(); + } + + if (!$user->isActive()) { Log::warning(sprintf("UserService::verifyEmail user with id %s is not active", $user->getId())); throw new EntityNotFoundException(); }