@@ -0,0 +1,183 @@
+<?php
+
+// Copyright 2019 Hackware SpA <human@hackware.cl>
+// "Hackware Web Services Core" is released under the MIT License terms.
+
+namespace Hawese\Tests;
+
+// use Hawese\Core\Http\Controllers\AuthController; // ??
+use Hawese\Core\User;
+use Laravel\Lumen\Testing\DatabaseTransactions;
+
+class AuthControllerTest extends TestCase
+{
+ use DatabaseTransactions;
+
+ public function setUp(): void
+ {
+ parent::setUp();
+
+ $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
+
+ $this->user = new User([
+ 'uid' => 'username',
+ 'email' => 'mail@doma.in'
+ ]);
+ $this->user->changePassword('password');
+ $this->user->insert();
+ }
+
+ public function testLoginWithUid()
+ {
+ $this->assertFalse($this->user->amI());
+
+ $response = $this->request(
+ 'POST',
+ '/auth/login',
+ ['username' => $this->user->uid, 'password' => 'password']
+ );
+
+ $this->assertSame(
+ $this->user->uid,
+ $response->getData()->uid
+ );
+ $this->assertTrue($this->user->amI());
+ }
+
+ public function testLoginWithEmail()
+ {
+ $this->assertFalse($this->user->amI());
+
+ $response = $this->request(
+ 'POST',
+ '/auth/login',
+ ['username' => $this->user->email, 'password' => 'password']
+ );
+
+ $this->assertSame(
+ $this->user->uid,
+ $response->getData()->uid
+ );
+ $this->assertTrue($this->user->amI());
+ }
+
+ public function testLoginWrongUsername()
+ {
+ $response = $this->request(
+ 'POST',
+ '/auth/login',
+ ['username' => 'anything', 'password' => 'password']
+ );
+ $this->assertStringContainsString(
+ 'could not be found',
+ $response->getData()->error->message
+ );
+ }
+
+ public function testLoginWrongPassword()
+ {
+ $response = $this->request(
+ 'POST',
+ '/auth/login',
+ ['username' => $this->user->email, 'password' => 'not_password']
+ );
+ $this->assertStringContainsString(
+ 'Wrong',
+ $response->getData()->error->message
+ );
+ }
+
+ public function testLoginNoInput()
+ {
+ $response = $this->request(
+ 'POST',
+ '/auth/login',
+ );
+ $this->assertStringContainsString(
+ 'invalid',
+ $response->getData()->error->message
+ );
+ }
+
+ private function validOrigin()
+ {
+ return explode(',', env('CORS_ALLOW_ORIGINS'))[0];
+ }
+
+ public function testEmailTokenWithUid()
+ {
+ $this->validOrigin();
+ $response = $this->request(
+ 'POST',
+ '/auth/email-token',
+ ['username' => $this->user->uid],
+ ['Referer' => $this->validOrigin()]
+ );
+ $this->assertSame(
+ 'm**l@doma.in',
+ $response->getData()->To[0][0]
+ );
+ }
+
+ public function testEmailTokenWithEmail()
+ {
+ $this->validOrigin();
+ $response = $this->request(
+ 'POST',
+ "/auth/email-token?origin_url={$this->validOrigin()}",
+ ['username' => $this->user->email]
+ );
+ $this->assertSame(
+ 'm**l@doma.in',
+ $response->getData()->To[0][0]
+ );
+ }
+
+ public function testEmailTokenWrongUsername()
+ {
+ $response = $this->request(
+ 'POST',
+ '/auth/email-token',
+ ['username' => 'not_username'],
+ ['Referer' => $this->validOrigin()]
+ );
+ $this->assertStringContainsString(
+ 'could not be found',
+ $response->getData()->error->message
+ );
+ }
+
+ public function testEmailTokenNoInput()
+ {
+ $response = $this->request(
+ 'POST',
+ '/auth/email-token',
+ [],
+ ['Referer' => $this->validOrigin()]
+ );
+ $this->assertStringContainsString(
+ 'invalid',
+ $response->getData()->error->message
+ );
+ }
+
+ public function testWhoAmI()
+ {
+ $this->user->login();
+ $this->assertSame(
+ $this->user->uid,
+ $this->request('GET', '/auth/whoami')->getData()->uid
+ );
+ }
+
+ public function testLogout()
+ {
+ $this->user->login();
+ $this->assertTrue($this->user->amI());
+ $this->assertSame(
+ 'true',
+ $this->request('POST', '/auth/logout')->getContent()
+ );
+ $this->assertFalse($this->user->amI());
+ }
+}
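Review bot: Every `/auth/email-token` test sends an allowed origin (`validOrigin()` through `Referer` or `origin_url`), so this suite would still pass if the controller stopped checking the origin against `CORS_ALLOW_ORIGINS`. If that origin is used to build the link in the token e-mail, as the parameter name suggests, an unvalidated value could deliver a login token to a host outside the allowlist, so a negative case is worth adding: a `testEmailTokenInvalidOrigin` that sends `['Referer' => 'https://not-allowed.example']` (constructed value) and asserts an error response with no `To` field, plus one with no origin at all. The bare `$this->validOrigin();` statements that open `testEmailTokenWithUid` and `testEmailTokenWithEmail` discard their result and can be dropped. Separately, `testLoginWrongUsername` and `testLoginWrongPassword` pin different messages (`could not be found` vs `Wrong`), which locks in a login response that tells an unauthenticated caller whether an account exists; consider asserting one generic message, and the HTTP status, for both.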