remco/Atomcms-edit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9d73f82529376b0bb73f72c38e1d04f91d41d81b
Atomcms-edit/tests/Feature/AuthenticationTest.php
T
root 9d73f82529 Initial commit
2026-05-09 17:32:17 +02:00

222 lines
5.8 KiB
PHP
Executable File
Raw Blame History

<?php
use App\Models\User;
test('users can authenticate using the login screen', function () {
installHotel();
$user = User::factory()->create();
// Get CSRF token from login page
$loginPage = $this->get('/login');
$token = session('_token');
// Verify login page loads
$loginPage->assertStatus(200);
$loginPage->assertViewIs('index');
expect($token)->not->toBeNull();
expect($token)->toBeString();
expect(strlen($token))->toBe(40);
// Attempt login
$response = $this->post('/login', [
'_token' => $token,
'username' => $user->username,
'password' => 'password',
]);
// Response checks
expect($response->status())->toBe(302);
expect($response->isRedirect())->toBeTrue();
expect(auth()->check())->toBeTrue();
expect(auth()->user()->id)->toBe($user->id);
expect(auth()->user()->username)->toBe($user->username);
expect(parse_url($response->headers->get('Location'), PHP_URL_PATH))->toBe('/user/me');
// Session checks
expect(session('_token'))->not->toBeNull();
expect(session('errors'))->toBeNull();
// Follow redirect and verify user sees dashboard
$redirectResponse = $this->get('/user/me');
$redirectResponse->assertStatus(200);
$redirectResponse->assertSee($user->username);
$redirectResponse->assertViewIs('user.me');
// Database verification
$this->assertDatabaseHas('users', [
'id' => $user->id,
'username' => $user->username,
]);
// User count check
expect(User::count())->toBe(1);
});
test('users can not authenticate with invalid password', function () {
installHotel();
$user = User::factory()->create();
// Get CSRF token from login page
$loginPage = $this->get('/login');
$token = session('_token');
// Verify initial state
expect(auth()->guest())->toBeTrue();
expect(auth()->check())->toBeFalse();
// Attempt login with wrong password
$response = $this->post('/login', [
'_token' => $token,
'username' => $user->username,
'password' => 'wrong-password',
]);
// Response checks
expect($response->status())->toBe(302);
expect($response->isRedirect())->toBeTrue();
expect(auth()->guest())->toBeTrue();
expect(auth()->check())->toBeFalse();
// Error checks
expect(session('errors'))->not->toBeNull();
expect(session()->has('errors'))->toBeTrue();
// Location check - should redirect back to login
$location = $response->headers->get('Location');
expect($location)->toContain('/login');
// Database verification - user still exists
$this->assertDatabaseHas('users', [
'id' => $user->id,
'username' => $user->username,
]);
// User count check
expect(User::count())->toBe(1);
});
test('login requires csrf token', function () {
installHotel();
$user = User::factory()->create();
// Attempt login without CSRF token
$response = $this->post('/login', [
'username' => $user->username,
'password' => 'password',
]);
// Should fail with 419 (CSRF token mismatch)
expect($response->status())->toBe(419);
expect(auth()->guest())->toBeTrue();
});
test('login requires username', function () {
installHotel();
// Get CSRF token
$this->get('/login');
$token = session('_token');
// Attempt login without username
$response = $this->post('/login', [
'_token' => $token,
'password' => 'password',
]);
expect($response->status())->toBe(302);
expect(auth()->guest())->toBeTrue();
expect(session('errors'))->not->toBeNull();
});
test('login requires password', function () {
installHotel();
$user = User::factory()->create();
// Get CSRF token
$this->get('/login');
$token = session('_token');
// Attempt login without password
$response = $this->post('/login', [
'_token' => $token,
'username' => $user->username,
]);
expect($response->status())->toBe(302);
expect(auth()->guest())->toBeTrue();
expect(session('errors'))->not->toBeNull();
});
test('login with non-existent user fails', function () {
installHotel();
// Get CSRF token
$this->get('/login');
$token = session('_token');
// Attempt login with non-existent user
$response = $this->post('/login', [
'_token' => $token,
'username' => 'NonExistentUser',
'password' => 'password',
]);
expect($response->status())->toBe(302);
expect(auth()->guest())->toBeTrue();
expect(session('errors'))->not->toBeNull();
// Database check
expect(User::where('username', 'NonExistentUser')->count())->toBe(0);
});
test('authenticated user is redirected from login page', function () {
installHotel();
$user = User::factory()->create();
// Login first
$this->get('/login');
$token = session('_token');
$this->post('/login', [
'_token' => $token,
'username' => $user->username,
'password' => 'password',
]);
expect(auth()->check())->toBeTrue();
// Try to access login page again
$response = $this->get('/login');
// Should redirect to home
expect($response->isRedirect())->toBeTrue();
expect($response->headers->get('Location'))->toBe('/');
});
test('user can logout', function () {
installHotel();
$user = User::factory()->create();
// Login first
$this->get('/login');
$token = session('_token');
$this->post('/login', [
'_token' => $token,
'username' => $user->username,
'password' => 'password',
]);
expect(auth()->check())->toBeTrue();
// Logout
$logoutResponse = $this->post('/logout', ['_token' => session('_token')]);
expect(auth()->guest())->toBeTrue();
expect($logoutResponse->isRedirect())->toBeTrue();
});
Reference in New Issue View Git Blame Copy Permalink