test auth cookies
This commit is contained in:
parent
0d2c44da13
commit
db18fae479
1 changed files with 86 additions and 0 deletions
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Tests\Unit\Controllers;
|
namespace Tests\Unit\Controllers;
|
||||||
|
|
||||||
|
use App\Auth\AuthCookieSettings;
|
||||||
use App\Auth\UseCases\AuthenticateUser\AuthenticateUser;
|
use App\Auth\UseCases\AuthenticateUser\AuthenticateUser;
|
||||||
use App\Auth\UseCases\CreateSession\CreateSession;
|
use App\Auth\UseCases\CreateSession\CreateSession;
|
||||||
use App\Auth\UseCases\Logout\Logout;
|
use App\Auth\UseCases\Logout\Logout;
|
||||||
|
|
@ -60,6 +61,11 @@ class AuthControllerTest extends TestCase
|
||||||
$authenticateUser,
|
$authenticateUser,
|
||||||
$createSession,
|
$createSession,
|
||||||
$logout,
|
$logout,
|
||||||
|
new AuthCookieSettings(
|
||||||
|
secure: false,
|
||||||
|
domain: null,
|
||||||
|
sameSite: 'lax',
|
||||||
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -104,6 +110,32 @@ class AuthControllerTest extends TestCase
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testLoginUsesConfiguredCookieSettings(): void
|
||||||
|
{
|
||||||
|
$this->controller = $this->controllerWithCookieSettings(
|
||||||
|
new AuthCookieSettings(
|
||||||
|
secure: true,
|
||||||
|
domain: '.example.com',
|
||||||
|
sameSite: 'none',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$this->seedStartupUser('user@example.com', 'password');
|
||||||
|
|
||||||
|
$request = new Request([
|
||||||
|
'email' => 'user@example.com',
|
||||||
|
'password' => 'password',
|
||||||
|
]);
|
||||||
|
$response = $this->controller->login($request);
|
||||||
|
|
||||||
|
$cookies = $response->headers->getCookies();
|
||||||
|
$this->assertCount(1, $cookies);
|
||||||
|
$cookie = $cookies[0];
|
||||||
|
|
||||||
|
$this->assertTrue($cookie->isSecure());
|
||||||
|
$this->assertSame('.example.com', $cookie->getDomain());
|
||||||
|
$this->assertSame('none', $cookie->getSameSite());
|
||||||
|
}
|
||||||
|
|
||||||
public function testLoginReturns400WhenEmailMissing(): void
|
public function testLoginReturns400WhenEmailMissing(): void
|
||||||
{
|
{
|
||||||
$request = new Request(['password' => 'correctpassword']);
|
$request = new Request(['password' => 'correctpassword']);
|
||||||
|
|
@ -160,6 +192,38 @@ class AuthControllerTest extends TestCase
|
||||||
$this->assertSame('', $cookies[0]->getValue());
|
$this->assertSame('', $cookies[0]->getValue());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testLogoutUsesConfiguredCookieSettings(): void
|
||||||
|
{
|
||||||
|
$this->controller = $this->controllerWithCookieSettings(
|
||||||
|
new AuthCookieSettings(
|
||||||
|
secure: true,
|
||||||
|
domain: '.example.com',
|
||||||
|
sameSite: 'none',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$this->seedStartupUser('user@example.com', 'correctpassword');
|
||||||
|
$loginRequest = new Request([
|
||||||
|
'email' => 'user@example.com',
|
||||||
|
'password' => 'correctpassword',
|
||||||
|
]);
|
||||||
|
$this->controller->login($loginRequest);
|
||||||
|
|
||||||
|
$logoutRequest = new Request();
|
||||||
|
$logoutRequest->cookies->set(
|
||||||
|
AuthMiddleware::COOKIE_NAME,
|
||||||
|
'session-token-1'
|
||||||
|
);
|
||||||
|
$response = $this->controller->logout($logoutRequest);
|
||||||
|
|
||||||
|
$cookies = $response->headers->getCookies();
|
||||||
|
$this->assertCount(1, $cookies);
|
||||||
|
$cookie = $cookies[0];
|
||||||
|
|
||||||
|
$this->assertTrue($cookie->isSecure());
|
||||||
|
$this->assertSame('.example.com', $cookie->getDomain());
|
||||||
|
$this->assertSame('none', $cookie->getSameSite());
|
||||||
|
}
|
||||||
|
|
||||||
public function testMeReturns200WithUserWhenAuthenticated(): void
|
public function testMeReturns200WithUserWhenAuthenticated(): void
|
||||||
{
|
{
|
||||||
$email = 'me@example.com';
|
$email = 'me@example.com';
|
||||||
|
|
@ -180,4 +244,26 @@ class AuthControllerTest extends TestCase
|
||||||
$this->assertSame($user->getId(), $body['user']['id']);
|
$this->assertSame($user->getId(), $body['user']['id']);
|
||||||
$this->assertSame($email, $body['user']['email']);
|
$this->assertSame($email, $body['user']['email']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function controllerWithCookieSettings(
|
||||||
|
AuthCookieSettings $cookieSettings,
|
||||||
|
): AuthController {
|
||||||
|
$authenticateUser = new AuthenticateUser(
|
||||||
|
$this->userRepo,
|
||||||
|
$this->hasher,
|
||||||
|
);
|
||||||
|
$createSession = new CreateSession(
|
||||||
|
$this->sessionRepo,
|
||||||
|
$this->tokenGenerator,
|
||||||
|
$this->clock,
|
||||||
|
);
|
||||||
|
$logout = new Logout($this->sessionRepo);
|
||||||
|
|
||||||
|
return new AuthController(
|
||||||
|
$authenticateUser,
|
||||||
|
$createSession,
|
||||||
|
$logout,
|
||||||
|
$cookieSettings,
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue