<?php
use App\Models\User;
use Database\Seeders\DatabaseSeeder;
use Illuminate\Support\Facades\Hash;
use Laravel\Passport\Client;
use Laravel\Passport\Passport;
// A request that carries no credentials must be answered with 401 by /api/user.
test('api user endpoint requires a token', function () {
    $response = $this->getJson('/api/user');

    $response->assertUnauthorized();
});
// A request that carries no credentials must be answered with 401 by /api/events.
test('events endpoint requires a token', function () {
    $response = $this->getJson('/api/events');

    $response->assertUnauthorized();
});
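// An authenticated caller gets their own id, name and email back from /api/user,
// and the serialized user must not carry the stored password hash.
test('api user endpoint returns the authenticated user', function () {
    $user = User::factory()->create([
        'name' => 'API User',
        'email' => 'api-user@example.com',
    ]);

    // Authenticate the following request as $user through Passport's test helper.
    Passport::actingAs($user);

    $this->getJson('/api/user')
        ->assertOk()
        ->assertJsonPath('id', $user->id)
        ->assertJsonPath('name', 'API User')
        ->assertJsonPath('email', 'api-user@example.com')
        // assertJsonPath only pins the expected fields; this pins that the hash is absent.
        ->assertJsonMissingPath('password');
});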
// A seeded presentation account can exchange its credentials for a bearer token.
// NOTE(review): the credentials below are fixed demo values created by DatabaseSeeder;
// confirm that seeder is only ever run in demo/test environments.
test('can login with presentation user credentials', function () {
    $this->seed(DatabaseSeeder::class);

    $credentials = [
        'email' => 'user1@thats-me.app',
        'password' => 'pass',
    ];

    $response = $this->postJson('/api/login', $credentials);

    $response->assertOk();
    $response->assertJsonPath('tokenType', 'Bearer');
    $response->assertJsonPath('user.email', 'user1@thats-me.app');
    $response->assertJsonPath('user.name', 'User 1');
    $response->assertJsonPath('user.mode', 'remote');

    // Checks that the keys are present; it does not reject additional keys.
    $response->assertJsonStructure([
        'token',
        'tokenType',
        'user' => ['id', 'name', 'email', 'avatar', 'mode'],
    ]);
});
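// A wrong password for an existing account is rejected with 422 and a validation
// error on "email", and the response must not contain a token or a user payload.
test('login rejects invalid credentials', function () {
    $this->seed(DatabaseSeeder::class);

    $this->postJson('/api/login', [
        'email' => 'user1@thats-me.app',
        'password' => 'wrong-password',
    ])
        ->assertUnprocessable()
        ->assertJsonValidationErrors(['email'])
        // A rejected login must not hand back a credential or account data.
        ->assertJsonMissingPath('token')
        ->assertJsonMissingPath('user');
});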
// An authenticated caller can POST /api/logout and receives 204 No Content.
// NOTE(review): only the status code is checked here; this does not show that the
// access token was revoked. A follow-up test that logs in for a real token, logs out,
// and then asserts the same token is refused would cover that.
test('authenticated user can logout', function () {
    $actor = User::factory()->create();
    Passport::actingAs($actor);

    $response = $this->postJson('/api/logout');

    $response->assertNoContent();
});
// DatabaseSeeder must create presentation users 1..6 and leave at least one
// non-revoked Passport client for the "users" provider that has the
// personal_access grant.
// NOTE(review): every seeded account shares the fixed password 'pass'; confirm the
// seeder is restricted to demo/test environments, since this test only pins the value.
test('database seeder creates the presentation api users', function () {
    $this->seed(DatabaseSeeder::class);

    for ($number = 1; $number <= 6; $number++) {
        $email = "user{$number}@thats-me.app";
        $user = User::query()->where('email', $email)->first();

        // The existence check runs first, so a missing user fails here rather than on ->name.
        expect($user)->not->toBeNull();
        expect($user->name)->toBe("User {$number}");
        expect(Hash::check('pass', $user->password))->toBeTrue();
    }

    $activeUserClients = Client::query()
        ->where('provider', 'users')
        ->where('revoked', false)
        ->get();

    $hasPersonalAccessClient = $activeUserClients->contains(
        fn (Client $client): bool => $client->hasGrantType('personal_access'),
    );

    expect($hasPersonalAccessClient)->toBeTrue();
});