153 lines
3.9 KiB
PHP
153 lines
3.9 KiB
PHP
<?php
|
|
|
|
namespace Tests\Feature\Api\Auth;
|
|
|
|
use Carbon\Carbon;
|
|
use Tests\Feature\ApiTestCase;
|
|
use Vanguard\Support\Enum\UserStatus;
|
|
use Vanguard\User;
|
|
|
|
class AuthControllerTest extends ApiTestCase
|
|
{
|
|
/** @test */
|
|
public function login()
|
|
{
|
|
$credentials = $this->defaultCredentials();
|
|
|
|
$user = User::factory()->create($credentials);
|
|
|
|
$credentials['device_name'] = 'test';
|
|
|
|
$this->postJson('/api/login', $credentials)->assertOk();
|
|
|
|
$this->assertNotNull($user->tokens()->first());
|
|
}
|
|
|
|
/** @test */
|
|
public function last_login_timestamp_is_updated_after_login()
|
|
{
|
|
$credentials = $this->defaultCredentials();
|
|
|
|
$now = Carbon::now();
|
|
|
|
Carbon::setTestNow($now);
|
|
|
|
$user = User::factory()->create($credentials);
|
|
|
|
$this->assertDatabaseHas('users', [
|
|
'id' => $user->id,
|
|
'last_login' => null,
|
|
]);
|
|
|
|
$credentials['device_name'] = 'test';
|
|
|
|
$this->postJson('/api/login', $credentials)->assertOk();
|
|
|
|
$this->assertDatabaseHas('users', [
|
|
'id' => $user->id,
|
|
'last_login' => $now,
|
|
]);
|
|
}
|
|
|
|
/** @test */
|
|
public function login_with_invalid_credentials()
|
|
{
|
|
$credentials = $this->defaultCredentials();
|
|
|
|
User::factory()->create($credentials);
|
|
|
|
$this->postJson('/api/login', [
|
|
'username' => 'foo',
|
|
'password' => 'invalid',
|
|
'device_name' => 'test',
|
|
])->assertJsonValidationErrors('username');
|
|
}
|
|
|
|
/** @test */
|
|
public function login_when_credentials_are_not_provided()
|
|
{
|
|
$this->postJson('/api/login')
|
|
->assertStatus(422)
|
|
->assertJsonFragment([
|
|
'username' => [
|
|
trans('validation.required', ['attribute' => 'username']),
|
|
],
|
|
'password' => [
|
|
trans('validation.required', ['attribute' => 'password']),
|
|
],
|
|
]);
|
|
}
|
|
|
|
/** @test */
|
|
public function banned_user_cannot_log_in()
|
|
{
|
|
$credentials = $this->defaultCredentials();
|
|
|
|
$user = User::factory()->create(array_merge($credentials, [
|
|
'status' => UserStatus::BANNED,
|
|
]));
|
|
|
|
$credentials['device_name'] = 'test';
|
|
|
|
$this->postJson('/api/login', $credentials)
|
|
->assertStatus(401)
|
|
->assertJson([
|
|
'message' => trans('auth.banned'),
|
|
]);
|
|
|
|
$this->assertDatabaseMissing('personal_access_tokens', ['tokenable_id' => $user->id]);
|
|
}
|
|
|
|
/** @test */
|
|
public function unconfirmed_user_can_log_in()
|
|
{
|
|
$credentials = $this->defaultCredentials();
|
|
|
|
User::factory()->create(array_merge($credentials, [
|
|
'status' => UserStatus::UNCONFIRMED,
|
|
]));
|
|
|
|
$credentials['device_name'] = 'test';
|
|
|
|
$this->postJson('/api/login', $credentials)->assertOk();
|
|
}
|
|
|
|
/** @test */
|
|
public function logout()
|
|
{
|
|
$credentials = $this->defaultCredentials();
|
|
|
|
Carbon::setTestNow(Carbon::now());
|
|
|
|
$user = User::factory()->create($credentials);
|
|
|
|
$credentials['device_name'] = 'test';
|
|
|
|
$response = $this->postJson('/api/login', $credentials);
|
|
|
|
$token = $user->tokens()->first();
|
|
|
|
auth('sanctum')->user()->withAccessToken($token);
|
|
|
|
$this->postJson('/api/logout', [], [
|
|
'Authorization' => "Bearer {$response->original['token']}",
|
|
]);
|
|
|
|
$this->assertDatabaseMissing('personal_access_tokens', ['id' => $token->id]);
|
|
}
|
|
|
|
/** @test */
|
|
public function logout_if_token_is_not_provided()
|
|
{
|
|
$this->postJson('/api/logout')->assertStatus(401);
|
|
}
|
|
|
|
private function defaultCredentials(array $override = [])
|
|
{
|
|
return array_merge([
|
|
'username' => 'foo',
|
|
'password' => 'bar',
|
|
], $override);
|
|
}
|
|
}
|