solocla/trf_certest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TRF Certest first commit

Browse Source
This commit is contained in:
Claudio
2025-02-26 08:57:46 +01:00
commit 3ce064a108
2524 changed files with 475404 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Feature/Api/Auth/AuthControllerTest.php
+152
View File
@@ -0,0 +1,152 @@
<?php
namespace Tests\Feature\Api\Auth;
use Carbon\Carbon;
use Tests\Feature\ApiTestCase;
use Vanguard\Support\Enum\UserStatus;
use Vanguard\User;
class AuthControllerTest extends ApiTestCase
{
/** @test */
public function login()
{
$credentials = $this->defaultCredentials();
$user = User::factory()->create($credentials);
$credentials['device_name'] = 'test';
$this->postJson('/api/login', $credentials)->assertOk();
$this->assertNotNull($user->tokens()->first());
}
/** @test */
public function last_login_timestamp_is_updated_after_login()
{
$credentials = $this->defaultCredentials();
$now = Carbon::now();
Carbon::setTestNow($now);
$user = User::factory()->create($credentials);
$this->assertDatabaseHas('users', [
'id' => $user->id,
'last_login' => null,
]);
$credentials['device_name'] = 'test';
$this->postJson('/api/login', $credentials)->assertOk();
$this->assertDatabaseHas('users', [
'id' => $user->id,
'last_login' => $now,
]);
}
/** @test */
public function login_with_invalid_credentials()
{
$credentials = $this->defaultCredentials();
User::factory()->create($credentials);
$this->postJson('/api/login', [
'username' => 'foo',
'password' => 'invalid',
'device_name' => 'test',
])->assertJsonValidationErrors('username');
}
/** @test */
public function login_when_credentials_are_not_provided()
{
$this->postJson('/api/login')
->assertStatus(422)
->assertJsonFragment([
'username' => [
trans('validation.required', ['attribute' => 'username']),
],
'password' => [
trans('validation.required', ['attribute' => 'password']),
],
]);
}
/** @test */
public function banned_user_cannot_log_in()
{
$credentials = $this->defaultCredentials();
$user = User::factory()->create(array_merge($credentials, [
'status' => UserStatus::BANNED,
]));
$credentials['device_name'] = 'test';
$this->postJson('/api/login', $credentials)
->assertStatus(401)
->assertJson([
'message' => trans('auth.banned'),
]);
$this->assertDatabaseMissing('personal_access_tokens', ['tokenable_id' => $user->id]);
}
/** @test */
public function unconfirmed_user_can_log_in()
{
$credentials = $this->defaultCredentials();
User::factory()->create(array_merge($credentials, [
'status' => UserStatus::UNCONFIRMED,
]));
$credentials['device_name'] = 'test';
$this->postJson('/api/login', $credentials)->assertOk();
}
/** @test */
public function logout()
{
$credentials = $this->defaultCredentials();
Carbon::setTestNow(Carbon::now());
$user = User::factory()->create($credentials);
$credentials['device_name'] = 'test';
$response = $this->postJson('/api/login', $credentials);
$token = $user->tokens()->first();
auth('sanctum')->user()->withAccessToken($token);
$this->postJson('/api/logout', [], [
'Authorization' => "Bearer {$response->original['token']}",
]);
$this->assertDatabaseMissing('personal_access_tokens', ['id' => $token->id]);
}
/** @test */
public function logout_if_token_is_not_provided()
{
$this->postJson('/api/logout')->assertStatus(401);
}
private function defaultCredentials(array $override = [])
{
return array_merge([
'username' => 'foo',
'password' => 'bar',
], $override);
}
}
tests/Feature/Api/Auth/Password/RemindControllerTest.php
+38
View File
@@ -0,0 +1,38 @@
<?php
namespace Tests\Feature\Api\Auth\Password;
use Mail;
use Tests\Feature\ApiTestCase;
use Vanguard\Mail\ResetPassword;
use Vanguard\User;
class RemindControllerTest extends ApiTestCase
{
/** @test */
public function send_password_reminder()
{
$this->setSettings(['forgot_password' => true]);
Mail::fake();
$user = User::factory()->create(['email' => 'test@test.com']);
$this->postJson('api/password/remind', ['email' => 'test@test.com'])
->assertOk();
Mail::assertQueued(ResetPassword::class, function ($mail) use ($user) {
return $mail->hasTo($user->email);
});
}
/** @test */
public function password_reminder_with_wrong_email()
{
$this->setSettings(['forgot_password' => true]);
$this->postJson('api/password/remind', ['email' => 'test@test.com'])
->assertStatus(422)
->assertJsonValidationErrors('email');
}
}
tests/Feature/Api/Auth/Password/ResetControllerTest.php
+96
View File
@@ -0,0 +1,96 @@
<?php
namespace Tests\Feature\Api\Auth\Password;
use Carbon\Carbon;
use DB;
use Hash;
use Illuminate\Support\Str;
use Tests\Feature\ApiTestCase;
use Vanguard\User;
class ResetControllerTest extends ApiTestCase
{
/** @test */
public function password_reset()
{
$this->setSettings(['forgot_password' => true]);
$user = User::factory()->create(['email' => 'test@test.com']);
$token = $this->createNewToken();
DB::table('password_resets')->insert([
'email' => $user->email,
'token' => Hash::make($token),
'created_at' => Carbon::now(),
]);
$this->resetPassword($token, $user->email)
->assertOk();
$this->assertTrue(Hash::check('123123123', $user->fresh()->password));
}
/** @test */
public function password_reset_with_expired_token()
{
$this->setSettings(['forgot_password' => true]);
$user = User::factory()->create(['email' => 'test@test.com']);
$token = $this->createNewToken();
DB::table('password_resets')->insert([
'email' => $user->email,
'token' => Hash::make($token),
'created_at' => Carbon::now()->subHours(2),
]);
$this->resetPassword($token, $user->email)
->assertJson([
'message' => 'This password reset token is invalid.',
]);
}
/** @test */
public function password_reset_with_invalid_email()
{
$this->setSettings(['forgot_password' => true]);
$user = User::factory()->create(['email' => 'test@test.com']);
$token = $this->createNewToken();
DB::table('password_resets')->insert([
'email' => $user->email,
'token' => Hash::make($token),
'created_at' => Carbon::now(),
]);
$this->resetPassword($token, 'foo@bar.com')
->assertOk()
->assertJson(['success' => true]);
}
private function resetPassword($token, $email)
{
return $this->postJson('api/password/reset', [
'token' => $token,
'email' => $email,
'password' => '123123123',
'password_confirmation' => '123123123',
]);
}
private function createNewToken()
{
$key = $this->app['config']['app.key'];
if (Str::startsWith($key, 'base64:')) {
$key = base64_decode(substr($key, 7));
}
return hash_hmac('sha256', Str::random(40), $key);
}
}
tests/Feature/Api/Auth/RegistrationControllerTest.php
+104
View File
@@ -0,0 +1,104 @@
<?php
namespace Tests\Feature\Api\Auth;
use Illuminate\Auth\Notifications\VerifyEmail;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Notification;
use Tests\Feature\ApiTestCase;
use Vanguard\User;
class RegistrationControllerTest extends ApiTestCase
{
/** @test */
public function register_user_when_registration_is_disabled()
{
$this->setSettings(['reg_enabled' => false]);
$this->postJson('api/register')->assertStatus(404);
}
/** @test */
public function register_user()
{
$this->setSettings([
'reg_enabled' => true,
'reg_email_confirmation' => false,
'registration.captcha.enabled' => false,
'tos' => false,
]);
$data = [
'email' => 'john.doe@test.com',
'username' => 'john.doe',
'password' => '123123123',
'password_confirmation' => '123123123',
];
$expected = Arr::except($data, ['password', 'password_confirmation']);
$this->postJson('/api/register', $data)
->assertStatus(201)
->assertJson([
'requires_email_confirmation' => false,
]);
$this->assertDatabaseHas('users', $expected);
}
/** @test */
public function register_user_with_email_confirmation()
{
$this->setSettings([
'reg_enabled' => true,
'reg_email_confirmation' => true,
'registration.captcha.enabled' => false,
'tos' => false,
]);
Notification::fake();
$data = [
'email' => 'john.doe@test.com',
'username' => 'john.doe',
'password' => '123123123',
'password_confirmation' => '123123123',
];
$expected = Arr::except($data, ['password', 'password_confirmation']);
$this->postJson('/api/register', $data)
->assertStatus(201)
->assertJson(['requires_email_confirmation' => true]);
$this->assertDatabaseHas('users', $expected);
$user = User::where('email', $data['email'])->first();
Notification::assertSentTo($user, VerifyEmail::class);
}
/** @test */
public function register_with_tos()
{
$this->setSettings([
'reg_enabled' => true,
'reg_email_confirmation' => false,
'registration.captcha.enabled' => false,
'tos' => true,
]);
$data = [
'email' => 'john.doe@test.com',
'username' => 'john.doe',
'password' => '123123123',
'password_confirmation' => '123123123',
];
$this->postJson('/api/register', $data)
->assertStatus(422)
->assertJsonFragment([
'tos' => ['You have to accept Terms of Service.'],
]);
}
}
tests/Feature/Api/Auth/SocialLoginControllerTest.php
+165
View File
@@ -0,0 +1,165 @@
<?php
namespace Tests\Feature\Api\Auth;
use Carbon\Carbon;
use Laravel\Socialite\Contracts\User as SocialUserContract;
use Laravel\Socialite\Two\FacebookProvider;
use Mockery as m;
use Tests\Feature\ApiTestCase;
use Vanguard\Repositories\User\UserRepository;
use Vanguard\Support\Enum\UserStatus;
use Vanguard\User;
class SocialLoginControllerTest extends ApiTestCase
{
/** @test */
public function social_authentication_for_first_time()
{
$this->setSettings(['reg_enabled' => true]);
$socialUser = new StubSocialUser;
$this->mockFacebookProvider($socialUser);
$now = Carbon::now()->addHours(2);
Carbon::setTestNow($now);
$this->postJson('/api/login/social', $this->defaultParams())
->assertOk();
$user = User::whereEmail($socialUser->getEmail())->first();
$this->assertDatabaseHas('users', [
'first_name' => 'John',
'last_name' => 'Doe',
'email' => $socialUser->getEmail(),
'status' => UserStatus::ACTIVE,
'avatar' => $socialUser->getAvatar(),
'last_login' => $now,
]);
$this->assertDatabaseHas('social_logins', [
'user_id' => $user->id,
'provider' => 'facebook',
'provider_id' => $socialUser->getId(),
'avatar' => $socialUser->getAvatar(),
]);
}
/** @test */
public function associate_social_account_with_existing_user()
{
$this->setSettings(['reg_enabled' => true]);
$socialUser = new StubSocialUser;
$this->mockFacebookProvider($socialUser);
$user = User::factory()->create([
'email' => $socialUser->getEmail(),
]);
$this->postJson('/api/login/social', $this->defaultParams())
->assertOk();
$this->assertDatabaseHas('social_logins', [
'user_id' => $user->id,
'provider' => 'facebook',
'provider_id' => $socialUser->getId(),
'avatar' => $socialUser->getAvatar(),
]);
}
/** @test */
public function social_login_if_registration_is_disabled()
{
$this->setSettings(['reg_enabled' => false]);
$socialUser = new StubSocialUser;
$this->mockFacebookProvider($socialUser);
$this->postJson('/api/login/social', $this->defaultParams())
->assertForbidden()
->assertJson([
'message' => 'Only users who already created an account can log in.',
]);
}
/** @test */
public function social_login_with_invalid_provider()
{
$this->postJson('/api/login/social', $this->defaultParams(['network' => 'foo']))
->assertStatus(422)
->assertJsonValidationErrors('network');
}
/** @test */
public function social_login_for_banned_user()
{
$socialUser = new StubSocialUser;
$this->mockFacebookProvider($socialUser);
$user = User::factory()->create([
'email' => $socialUser->getEmail(),
'status' => UserStatus::BANNED,
]);
app(UserRepository::class)->associateSocialAccountForUser($user->id, 'facebook', $socialUser);
$this->postJson('/api/login/social', $this->defaultParams())
->assertForbidden()
->assertJson([
'message' => 'Your account is banned by administrators.',
]);
}
private function defaultParams(array $overrides = [])
{
return array_merge([
'network' => 'facebook',
'social_token' => 'foo',
'device_name' => 'test',
], $overrides);
}
private function mockFacebookProvider($socialUser)
{
$provider = m::mock(FacebookProvider::class);
$provider->shouldReceive('userFromToken')->with('foo')->andReturn($socialUser);
\Socialite::shouldReceive('driver')->with('facebook')->andReturn($provider);
}
}
class StubSocialUser implements SocialUserContract
{
public $avatar_original = 'http://www.gravatar.com/avatar';
public function getId()
{
return '123';
}
public function getNickname()
{
return 'johndoe';
}
public function getName()
{
return 'John Doe';
}
public function getEmail()
{
return 'john@doe.com';
}
public function getAvatar()
{
return 'http://www.gravatar.com/avatar';
}
}