fix: 🐛 Fix the infinite credits exploit in development.

app/Listeners/Verified.php

@@ -7,7 +7,6 @@ use App\Settings\UserSettings;
 class Verified
 {
     private $server_limit_after_verify_email;
-
     private $credits_reward_after_verify_email;
 
     /**
@@ -29,9 +28,10 @@ class Verified
      */
     public function handle($event)
     {
-        if (! $event->user->email_verified_reward) {
+        if (!$event->user->email_verified_reward) {
             $event->user->increment('server_limit', $this->server_limit_after_verify_email);
             $event->user->increment('credits', $this->credits_reward_after_verify_email);
+            $event->user->update(['email_verified_reward' => true]);
         }
     }
 }

app/Models/User.php

@@ -290,8 +290,7 @@ class User extends Authenticatable implements MustVerifyEmail
     public function reVerifyEmail()
     {
         $this->forceFill([
-            'email_verified_at' => null,
-            'email_verified_reward' => true
+            'email_verified_at' => null
         ])->save();
     }