123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191 |
- <?php
- // Copyright 2019 Hackware SpA <human@hackware.cl>
- // "Hackware Web Services Core" is released under the MIT License terms.
- namespace Hawese\Tests;
- use Hawese\Core\User;
- use Laravel\Lumen\Testing\DatabaseTransactions;
- class AuthControllerTest extends TestCase
- {
- use DatabaseTransactions;
- public function setUp(): void
- {
- parent::setUp();
- $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
- $this->user = new User([
- 'uid' => 'username',
- 'email' => 'mail@doma.in'
- ]);
- $this->user->changePassword('password');
- $this->user->insert();
- }
- public function testLoginWithUid()
- {
- $this->assertFalse($this->user->amI());
- $response = $this->request(
- 'POST',
- '/auth/login',
- ['username' => $this->user->uid, 'password' => 'password']
- );
- $this->assertSame(
- $this->user->uid,
- $response->getData()->uid
- );
- $this->assertTrue($this->user->amI());
- }
- public function testLoginWithEmail()
- {
- $this->assertFalse($this->user->amI());
- $response = $this->request(
- 'POST',
- '/auth/login',
- ['username' => $this->user->email, 'password' => 'password']
- );
- $this->assertSame(
- $this->user->uid,
- $response->getData()->uid
- );
- $this->assertTrue($this->user->amI());
- }
- public function testLoginWrongUsername()
- {
- $response = $this->request(
- 'POST',
- '/auth/login',
- ['username' => 'anything', 'password' => 'password']
- );
- $this->assertStringContainsString(
- 'could not be found',
- $response->getData()->error->message
- );
- }
- public function testLoginWrongPassword()
- {
- $response = $this->request(
- 'POST',
- '/auth/login',
- ['username' => $this->user->email, 'password' => 'not_password']
- );
- $this->assertStringContainsString(
- 'Wrong',
- $response->getData()->error->message
- );
- }
- public function testLoginNoInput()
- {
- $response = $this->request(
- 'POST',
- '/auth/login',
- );
- $this->assertStringContainsString(
- 'invalid',
- $response->getData()->error->message
- );
- }
- private function validOrigin()
- {
- return explode(',', env('CORS_ALLOW_ORIGINS'))[0];
- }
- public function testEmailTokenWithUid()
- {
- $this->validOrigin();
- $response = $this->request(
- 'POST',
- '/auth/email-token',
- ['username' => $this->user->uid],
- ['Referer' => $this->validOrigin()]
- );
- $this->assertSame(
- 'm**l@doma.in',
- $response->getData()->To[0][0]
- );
- }
- public function testEmailTokenWithEmail()
- {
- $this->validOrigin();
- $response = $this->request(
- 'POST',
- "/auth/email-token?origin_url={$this->validOrigin()}",
- ['username' => $this->user->email]
- );
- $this->assertSame(
- 'm**l@doma.in',
- $response->getData()->To[0][0]
- );
- }
- public function testEmailTokenWrongUsername()
- {
- $response = $this->request(
- 'POST',
- '/auth/email-token',
- ['username' => 'not_username'],
- ['Referer' => $this->validOrigin()]
- );
- $this->assertStringContainsString(
- 'could not be found',
- $response->getData()->error->message
- );
- }
- public function testEmailTokenNoInput()
- {
- $response = $this->request(
- 'POST',
- '/auth/email-token',
- [],
- ['Referer' => $this->validOrigin()]
- );
- $this->assertStringContainsString(
- 'invalid',
- $response->getData()->error->message
- );
- }
- public function testWhoAmI()
- {
- $this->user->login();
- $this->assertSame(
- $this->user->uid,
- $this->request('GET', '/auth/whoami')->getData()->uid
- );
- }
- public function testUnauthorizedWhoAmI()
- {
- $this->assertSame(
- \Illuminate\Http\Response::HTTP_UNAUTHORIZED,
- $this->request('GET', '/auth/whoami')->getStatusCode()
- );
- }
- public function testLogout()
- {
- $this->user->login();
- $this->assertTrue($this->user->amI());
- $this->assertSame(
- 'true',
- $this->request('POST', '/auth/logout')->getContent()
- );
- $this->assertFalse($this->user->amI());
- }
- }
|