defaultCredentials(); $user = User::factory()->create($credentials); $credentials['device_name'] = 'test'; $this->postJson("/api/login", $credentials)->assertOk(); $this->assertNotNull($user->tokens()->first()); } /** @test */ public function last_login_timestamp_is_updated_after_login() { $credentials = $this->defaultCredentials(); $now = Carbon::now(); Carbon::setTestNow($now); $user = User::factory()->create($credentials); $this->assertDatabaseHas('users', [ 'id' => $user->id, 'last_login' => null ]); $credentials['device_name'] = 'test'; $this->postJson("/api/login", $credentials)->assertOk(); $this->assertDatabaseHas('users', [ 'id' => $user->id, 'last_login' => $now ]); } /** @test */ public function login_with_invalid_credentials() { $credentials = $this->defaultCredentials(); User::factory()->create($credentials); $this->postJson("/api/login", [ 'username' => 'foo', 'password' => 'invalid', 'device_name' => 'test' ])->assertJsonValidationErrors('username'); } /** @test */ public function login_when_credentials_are_not_provided() { $this->postJson("/api/login") ->assertStatus(422) ->assertJsonFragment([ 'username' => [ trans('validation.required', ['attribute' => 'username']) ], 'password' => [ trans('validation.required', ['attribute' => 'password']) ] ]); } /** @test */ public function banned_user_cannot_log_in() { $credentials = $this->defaultCredentials(); $user = User::factory()->create(array_merge($credentials, [ 'status' => UserStatus::BANNED ])); $credentials['device_name'] = 'test'; $this->postJson("/api/login", $credentials) ->assertStatus(401) ->assertJson([ 'message' => "Your account is banned by administrators." ]); $this->assertDatabaseMissing('personal_access_tokens', ['tokenable_id' => $user->id]); } /** @test */ public function unconfirmed_user_can_log_in() { $credentials = $this->defaultCredentials(); User::factory()->create(array_merge($credentials, [ 'status' => UserStatus::UNCONFIRMED ])); $credentials['device_name'] = 'test'; $this->postJson("/api/login", $credentials)->assertOk(); } /** @test */ public function logout() { $credentials = $this->defaultCredentials(); Carbon::setTestNow(Carbon::now()); $user = User::factory()->create($credentials); $credentials['device_name'] = 'test'; $response = $this->postJson("/api/login", $credentials); $token = $user->tokens()->first(); auth('sanctum')->user()->withAccessToken($token); $this->postJson("/api/logout", [], [ 'Authorization' => "Bearer {$response->original['token']}" ]); $this->assertDatabaseMissing('personal_access_tokens', ['id' => $token->id]); } /** @test */ public function logout_if_token_is_not_provided() { $this->postJson("/api/logout")->assertStatus(401); } private function defaultCredentials(array $override = []) { return array_merge([ 'username' => 'foo', 'password' => 'bar' ], $override); } }