APP als Hybrid Version - Anbindung an API

2026-06-05 09:54:12 +02:00 · 2026-06-05 09:54:12 +02:00 · c1514999be
commit c1514999be
parent d054732bf5
46 changed files with 3418 additions and 196 deletions
--- a/backend/tests/Feature/Api/AuthTest.php
+++ b/backend/tests/Feature/Api/AuthTest.php
@ -0,0 +1,92 @@
+<?php
+
+use App\Models\User;
+use Database\Seeders\DatabaseSeeder;
+use Illuminate\Support\Facades\Hash;
+use Laravel\Passport\Client;
+use Laravel\Passport\Passport;
+
+test('api user endpoint requires a token', function () {
+    $this->getJson('/api/user')
+        ->assertUnauthorized();
+});
+
+test('events endpoint requires a token', function () {
+    $this->getJson('/api/events')
+        ->assertUnauthorized();
+});
+
+test('api user endpoint returns the authenticated user', function () {
+    $user = User::factory()->create([
+        'name' => 'API User',
+        'email' => 'api-user@example.com',
+    ]);
+
+    Passport::actingAs($user);
+
+    $this->getJson('/api/user')
+        ->assertOk()
+        ->assertJsonPath('id', $user->id)
+        ->assertJsonPath('name', 'API User')
+        ->assertJsonPath('email', 'api-user@example.com');
+});
+
+test('can login with presentation user credentials', function () {
+    $this->seed(DatabaseSeeder::class);
+
+    $this->postJson('/api/login', [
+        'email' => 'user1@thats-me.app',
+        'password' => 'pass',
+    ])
+        ->assertOk()
+        ->assertJsonPath('tokenType', 'Bearer')
+        ->assertJsonPath('user.email', 'user1@thats-me.app')
+        ->assertJsonPath('user.name', 'User 1')
+        ->assertJsonPath('user.mode', 'remote')
+        ->assertJsonStructure([
+            'token',
+            'tokenType',
+            'user' => ['id', 'name', 'email', 'avatar', 'mode'],
+        ]);
+});
+
+test('login rejects invalid credentials', function () {
+    $this->seed(DatabaseSeeder::class);
+
+    $this->postJson('/api/login', [
+        'email' => 'user1@thats-me.app',
+        'password' => 'wrong-password',
+    ])
+        ->assertUnprocessable()
+        ->assertJsonValidationErrors(['email']);
+});
+
+test('authenticated user can logout', function () {
+    $user = User::factory()->create();
+    Passport::actingAs($user);
+
+    $this->postJson('/api/logout')
+        ->assertNoContent();
+});
+
+test('database seeder creates the presentation api users', function () {
+    $this->seed(DatabaseSeeder::class);
+
+    foreach (range(1, 6) as $number) {
+        $user = User::query()
+            ->where('email', "user{$number}@thats-me.app")
+            ->first();
+
+        expect($user)->not->toBeNull()
+            ->and($user->name)->toBe("User {$number}")
+            ->and(Hash::check('pass', $user->password))->toBeTrue();
+    }
+
+    $hasPersonalAccessClient = Client::query()
+        ->where('provider', 'users')
+        ->where('revoked', false)
+        ->get()
+        ->contains(fn (Client $client): bool => $client->hasGrantType('personal_access'));
+
+    expect($hasPersonalAccessClient)->toBeTrue();
+});