<?php
namespace Tests\Feature;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
use Tests\TestCase;
use App\Models\Planner;
use Illuminate\Foundation\Testing\RefreshDatabase;
/**
 * Feature tests for the /login and /logout routes: page rendering, credential
 * checks, session set-up and logout.
 *
 * The RefreshDatabase trait is applied, so every Planner used by a test is
 * created inside that test.
 */
class AuthenticationTest extends TestCase
{
    use RefreshDatabase;

    /**
     * GET /login answers 200, renders the auth.login view and shows "Login".
     */
    public function test_login_screen_can_be_rendered(): void
    {
        $this->get('/login')
            ->assertStatus(200)
            ->assertViewIs('auth.login')
            ->assertSee('Login');
    }

    /**
     * A Planner posting its own e-mail and password ends up authenticated and
     * is redirected to /dashboard.
     */
    public function test_users_can_authenticate_using_the_login_screen(): void
    {
        $credentials = [
            'email' => 'test@example.com',
            'password' => 'password',
        ];

        // Store the hash, as the login route is given the plain-text password.
        Planner::factory()->create([
            'email' => $credentials['email'],
            'password' => bcrypt($credentials['password']),
        ]);

        $loginAttempt = $this->post('/login', $credentials);

        $this->assertAuthenticated();
        $loginAttempt->assertRedirect('/dashboard');
    }

    /**
     * Posting a wrong password for an existing Planner leaves the client a guest.
     *
     * Only the guest state is asserted; the response itself is not inspected.
     */
    public function test_users_can_not_authenticate_with_invalid_password(): void
    {
        $email = 'test@example.com';

        Planner::factory()->create([
            'email' => $email,
            'password' => bcrypt('password'),
        ]);

        $this->post('/login', [
            'email' => $email,
            'password' => 'wrong-password',
        ]);

        $this->assertGuest();
    }

    /**
     * After GET /login a session id and a CSRF token are available, the session
     * driver is not "array", and the page answers 200 without session errors.
     */
    public function test_session_is_created_on_login_page(): void
    {
        $loginPage = $this->get('/login');

        // Both checks only require a non-null value; they do not compare the
        // token with anything rendered in the page.
        $this->assertNotNull(session()->getId());
        $this->assertNotNull(csrf_token());

        // NOTE(review): Laravel's stock phpunit.xml sets SESSION_DRIVER=array,
        // which would make this assertion fail - confirm the test environment
        // overrides the driver.
        $this->assertNotEquals(
            'array',
            config('session.driver'),
            'Session driver should not be array for authentication'
        );

        $loginPage->assertStatus(200);
        $loginPage->assertSessionHasNoErrors();
    }

    /**
     * POST /login with the CSRF middleware switched off and expect a 302.
     *
     * NOTE(review): despite the method name, nothing here shows that a missing
     * or wrong token is rejected. VerifyCsrfToken is removed for the request,
     * no Planner is created in this method, and the status code is the only
     * thing asserted. A test of CSRF enforcement would keep the middleware
     * active and expect the token-less POST to be refused (Laravel answers a
     * token mismatch with HTTP 419 by default). Laravel's VerifyCsrfToken also
     * skips verification while unit tests are running - confirm how that path
     * can be exercised here before counting this test as CSRF coverage.
     */
    public function test_csrf_token_is_validated_on_login(): void
    {
        $this->withoutMiddleware(VerifyCsrfToken::class);
        $this->withHeaders(['Accept' => 'text/html']);

        $this->post('/login', [
            'email' => 'test@example.com',
            'password' => 'password',
        ])->assertStatus(302);
    }

    /**
     * An authenticated Planner posting to /logout is redirected to "/" and is
     * a guest afterwards.
     */
    public function test_users_can_logout(): void
    {
        $planner = Planner::factory()->create();

        $this->actingAs($planner)
            ->post('/logout')
            ->assertRedirect('/');

        $this->assertGuest();
    }
}