diff --git a/src/Illuminate/Foundation/Auth/EmailVerificationRequest.php b/src/Illuminate/Foundation/Auth/EmailVerificationRequest.php
index c9c43046ed2c..081d66bdd83a 100644
--- a/src/Illuminate/Foundation/Auth/EmailVerificationRequest.php
+++ b/src/Illuminate/Foundation/Auth/EmailVerificationRequest.php
@@ -14,13 +14,13 @@ class EmailVerificationRequest extends FormRequest
      */
     public function authorize()
     {
-        if (! hash_equals((string) $this->route('id'),
-                          (string) $this->user()->getKey())) {
+        if (! hash_equals((string) $this->user()->getKey(),
+                          (string) $this->route('id'))) {
             return false;
         }
 
-        if (! hash_equals((string) $this->route('hash'),
-                          sha1($this->user()->getEmailForVerification()))) {
+        if (! hash_equals(sha1($this->user()->getEmailForVerification()),
+                          (string) $this->route('hash'))) {
             return false;
         }