Initial commit

tests/Feature/RegistrationTest.php

@@ -0,0 +1,341 @@
+<?php
+
+use App\Models\User;
+use App\Providers\RouteServiceProvider;
+use RyanChandler\LaravelCloudflareTurnstile\Facades\Turnstile;
+
+test('new users can register', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token from register page
+    $registerPage = $this->get('/register');
+    $token = session('_token');
+
+    // Verify register page loads
+    $registerPage->assertStatus(200);
+    expect($token)->not->toBeNull();
+    expect($token)->toBeString();
+    expect(strlen($token))->toBe(40);
+
+    // Initial state
+    expect(User::count())->toBe(0);
+    expect(auth()->guest())->toBeTrue();
+
+    // Attempt registration
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'Test_User',
+        'mail' => 'test@example.com',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    // Response checks
+    expect($response->status())->toBe(302);
+    expect($response->isRedirect())->toBeTrue();
+    expect(auth()->check())->toBeTrue();
+    expect(auth()->user()->username)->toBe('Test_User');
+    expect(auth()->user()->mail)->toBe('test@example.com');
+
+    // Location check
+    $location = parse_url($response->headers->get('Location'), PHP_URL_PATH);
+    expect($location)->toBe(parse_url(RouteServiceProvider::HOME, PHP_URL_PATH));
+
+    // Database verification
+    $this->assertDatabaseHas('users', [
+        'username' => 'Test_User',
+        'mail' => 'test@example.com',
+    ]);
+
+    // User count check
+    expect(User::count())->toBe(1);
+
+    // Retrieve and verify user
+    $user = User::where('username', 'Test_User')->first();
+    expect($user)->not->toBeNull();
+    expect($user->mail)->toBe('test@example.com');
+    expect($user->password)->not->toBe('password'); // Should be hashed
+    expect($user->id)->toBeInt();
+    expect($user->id)->toBeGreaterThan(0);
+
+    // Follow redirect and verify user is logged in
+    $dashboardResponse = $this->get('/user/me');
+    $dashboardResponse->assertStatus(200);
+    $dashboardResponse->assertSee('Test_User');
+});
+
+test('registration requires username', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration without username
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'mail' => 'test@example.com',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires email', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration without email
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'Test_User',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires password', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration without password
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'Test_User',
+        'mail' => 'test@example.com',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires password confirmation', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration without password confirmation
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'Test_User',
+        'mail' => 'test@example.com',
+        'password' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires terms acceptance', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration without terms
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'Test_User',
+        'mail' => 'test@example.com',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires matching passwords', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration with mismatched passwords
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'Test_User',
+        'mail' => 'test@example.com',
+        'password' => 'password',
+        'password_confirmation' => 'different_password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires unique username', function () {
+    installHotel();
+
+    // Create existing user
+    User::factory()->create([
+        'username' => 'ExistingUser',
+        'mail' => 'existing@example.com',
+    ]);
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration with existing username
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'ExistingUser',
+        'mail' => 'new@example.com',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(1); // Still only 1 user
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires unique email', function () {
+    installHotel();
+
+    // Create existing user
+    User::factory()->create([
+        'username' => 'ExistingUser',
+        'mail' => 'existing@example.com',
+    ]);
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration with existing email
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'NewUser',
+        'mail' => 'existing@example.com',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(1); // Still only 1 user
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires valid email format', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Get CSRF token
+    $this->get('/register');
+    $token = session('_token');
+
+    // Attempt registration with invalid email
+    $response = $this->post('/register', [
+        '_token' => $token,
+        'username' => 'Test_User',
+        'mail' => 'invalid-email',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(302);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+    expect(session('errors'))->not->toBeNull();
+});
+
+test('registration requires csrf token', function () {
+    installHotel();
+
+    // Fake the Cloudflare Turnstile validation
+    Turnstile::fake();
+
+    // Attempt registration without CSRF token
+    $response = $this->post('/register', [
+        'username' => 'Test_User',
+        'mail' => 'test@example.com',
+        'password' => 'password',
+        'password_confirmation' => 'password',
+        'terms' => true,
+        'cf-turnstile-response' => 'fake-test-response',
+    ]);
+
+    expect($response->status())->toBe(419);
+    expect(auth()->guest())->toBeTrue();
+    expect(User::count())->toBe(0);
+});