yisroelbaum/Rabbi_Gerzi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: yisroelbaum:51537bbf247f104d15917473a1e67b3c77fed2cd
Branches Tags
yisroelbaum:master
..
compare: yisroelbaum:c5916ad409587d8b234f11f57b34048035b1891c
Branches Tags
yisroelbaum:master

No commits in common. "51537bbf247f104d15917473a1e67b3c77fed2cd" and "c5916ad409587d8b234f11f57b34048035b1891c" have entirely different histories.
51537bbf24 ... c5916ad409

5 changed files with 34 additions and 198 deletions
Download patch file Download diff file Expand all files Collapse all files

10
backend/tests/Fakes/FakeClock.php
View file

@ -4,18 +4,12 @@ namespace Tests\Fakes;
use App\Auth\Clock; use App\Auth\Clock;
use DateTimeImmutable; use DateTimeImmutable;
use DateTimeZone;
class FakeClock implements Clock class FakeClock implements Clock
{ {
public function __construct(private DateTimeImmutable $currentTime) {}
public function now(): DateTimeImmutable public function now(): DateTimeImmutable
{ {
return $this->currentTime; return new DateTimeImmutable('2026-05-18 12:00:00', new DateTimeZone('UTC'));
}
public function setTime(DateTimeImmutable $newTime): void
{
$this->currentTime = $newTime;
} }
} }

21
backend/tests/Fakes/FakeSessionRepository.php
View file

@ -14,10 +14,10 @@ class FakeSessionRepository implements SessionRepository
public function create(CreateSessionDto $dto): Session public function create(CreateSessionDto $dto): Session
{ {
$session = new Session( $session = new Session(
token: $dto->token, $dto->token,
user: $dto->user, $dto->user,
createdAt: $dto->createdAt, $dto->createdAt,
expiresAt: $dto->expiresAt, $dto->expiresAt
); );
$this->sessionsByToken[$dto->token] = $session; $this->sessionsByToken[$dto->token] = $session;
@ -26,16 +26,17 @@ class FakeSessionRepository implements SessionRepository
public function findByToken(string $token): ?Session public function findByToken(string $token): ?Session
{ {
$session = $this->sessionsByToken[$token] ?? null; if (! isset($this->sessionsByToken[$token])) {
if ($session === null) {
return null; return null;
} }
$stored = $this->sessionsByToken[$token];
return new Session( return new Session(
token: $session->getToken(), $stored->getToken(),
user: $session->getUser(), $stored->getUser(),
createdAt: $session->getCreatedAt(), $stored->getCreatedAt(),
expiresAt: $session->getExpiresAt(), $stored->getExpiresAt()
); );
} }

142
backend/tests/Unit/Auth/Middleware/AuthMiddlewareTest.php
View file

@ -1,142 +0,0 @@
<?php
namespace Tests\Unit\Auth\Middleware;
use App\Auth\CreateSessionDto;
use App\Http\Middleware\AuthMiddleware;
use App\Shared\ValueObject\EmailAddress;
use App\User\User;
use Closure;
use DateTimeImmutable;
use DateTimeZone;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Tests\Fakes\FakeClock;
use Tests\Fakes\FakeSessionRepository;
use Tests\TestCase;
class AuthMiddlewareTest extends TestCase
{
private FakeSessionRepository $sessionRepo;
private FakeClock $clock;
private DateTimeImmutable $now;
private AuthMiddleware $middleware;
protected function setUp(): void
{
$this->now = new DateTimeImmutable(
'2026-04-29T12:00:00',
new DateTimeZone('UTC')
);
$this->sessionRepo = new FakeSessionRepository;
$this->clock = new FakeClock($this->now);
$this->middleware = new AuthMiddleware(
$this->sessionRepo,
$this->clock,
);
}
private function makeRequest(?string $token): Request
{
$request = Request::create('/api/anything', 'POST');
if ($token !== null) {
$request->cookies->set('auth_token', $token);
}
return $request;
}
private function nextThatRecords(?Request &$captured): Closure
{
return function (Request $request) use (&$captured) {
$captured = $request;
return new JsonResponse(['ok' => true], 200);
};
}
public function test_missing_cookie_returns_unauthorized_json(): void
{
$captured = null;
$response = $this->middleware->handle(
$this->makeRequest(null),
$this->nextThatRecords($captured),
);
$this->assertSame(401, $response->getStatusCode());
$this->assertSame(
['error' => 'unauthenticated'],
json_decode($response->getContent(), true),
);
$this->assertNull($captured);
}
public function test_unknown_token_returns_unauthorized(): void
{
$captured = null;
$response = $this->middleware->handle(
$this->makeRequest('does-not-exist'),
$this->nextThatRecords($captured),
);
$this->assertSame(401, $response->getStatusCode());
$this->assertNull($captured);
}
public function test_expired_session_returns_unauthorized_and_is_deleted(): void
{
$user = new User(
id: 7,
email: new EmailAddress('user@example.com'),
passwordHash: 'password',
);
$this->sessionRepo->create(new CreateSessionDto(
token: 'expired-token',
user: $user,
createdAt: $this->now->modify('-8 days'),
expiresAt: $this->now->modify('-1 day'),
));
$captured = null;
$response = $this->middleware->handle(
$this->makeRequest('expired-token'),
$this->nextThatRecords($captured),
);
$this->assertSame(401, $response->getStatusCode());
$this->assertNull($captured);
$this->assertNull(
$this->sessionRepo->findByToken('expired-token')
);
}
public function test_valid_session_attaches_user_and_calls_next(): void
{
$user = new User(
id: 7,
email: new EmailAddress('user@example.com'),
passwordHash: 'password',
);
$this->sessionRepo->create(new CreateSessionDto(
token: 'valid-token',
user: $user,
createdAt: $this->now,
expiresAt: $this->now->modify('+7 days'),
));
$captured = null;
$response = $this->middleware->handle(
$this->makeRequest('valid-token'),
$this->nextThatRecords($captured),
);
$this->assertSame(200, $response->getStatusCode());
$this->assertNotNull($captured);
$attachedUser = $captured->attributes->get('user');
$this->assertInstanceOf(User::class, $attachedUser);
$this->assertSame(7, $attachedUser->getId());
}
}

13
backend/tests/Unit/Auth/UseCases/CreateSessionTest.php
View file

@ -6,11 +6,10 @@ use App\Auth\Clock;
use App\Auth\UseCases\CreateSession\CreateSession; use App\Auth\UseCases\CreateSession\CreateSession;
use App\Shared\ValueObject\EmailAddress; use App\Shared\ValueObject\EmailAddress;
use App\User\User; use App\User\User;
use DateTimeImmutable; use PHPUnit\Framework\TestCase;
use Tests\Fakes\FakeClock; use Tests\Fakes\FakeClock;
use Tests\Fakes\FakeSessionRepository; use Tests\Fakes\FakeSessionRepository;
use Tests\Fakes\FakeTokenGenerator; use Tests\Fakes\FakeTokenGenerator;
use Tests\TestCase;
class CreateSessionTest extends TestCase class CreateSessionTest extends TestCase
{ {
@ -23,15 +22,9 @@ class CreateSessionTest extends TestCase
{ {
$this->sessionRepo = new FakeSessionRepository(); $this->sessionRepo = new FakeSessionRepository();
$this->tokenGenerator = new FakeTokenGenerator(); $this->tokenGenerator = new FakeTokenGenerator();
$this->clock = new FakeClock( $this->clock = new FakeClock();
new DateTimeImmutable('2026-05-18 12:00:00')
);
$this->createSession = new CreateSession( $this->createSession = new CreateSession($this->sessionRepo, $this->tokenGenerator, $this->clock);
$this->sessionRepo,
$this->tokenGenerator,
$this->clock
);
} }
public function testCreatesSessionForUser(): void public function testCreatesSessionForUser(): void

46
backend/tests/Unit/Auth/UseCases/LogoutTest.php
View file

@ -6,51 +6,41 @@ use App\Auth\CreateSessionDto;
use App\Auth\UseCases\Logout\Logout; use App\Auth\UseCases\Logout\Logout;
use App\Shared\ValueObject\EmailAddress; use App\Shared\ValueObject\EmailAddress;
use App\User\User; use App\User\User;
use DateTimeImmutable; use PHPUnit\Framework\TestCase;
use DateTimeZone;
use Tests\Fakes\FakeSessionRepository; use Tests\Fakes\FakeSessionRepository;
use Tests\TestCase;
class LogoutTest extends TestCase class LogoutTest extends TestCase
{ {
private FakeSessionRepository $sessionRepo; private FakeSessionRepository $sessionRepo;
private Logout $logout;
private Logout $useCase;
private DateTimeImmutable $now;
protected function setUp(): void protected function setUp(): void
{ {
$this->now = new DateTimeImmutable( $this->sessionRepo = new FakeSessionRepository();
'2026-04-29T12:00:00', $this->logout = new Logout($this->sessionRepo);
new DateTimeZone('UTC')
);
$this->sessionRepo = new FakeSessionRepository;
$this->useCase = new Logout($this->sessionRepo);
} }
public function test_existing_token_session_is_removed(): void public function testDeletesSessionByToken(): void
{ {
$this->sessionRepo->create(new CreateSessionDto( $email = new EmailAddress('user@example.com');
token: 'token-abc', $user = new User(1, $email, 'hashed-password');
user: new User(
id: 7, $session = $this->sessionRepo->create(new CreateSessionDto(
email: new EmailAddress('a@b.com'), 'session-token',
passwordHash: 'password', $user,
), new \DateTimeImmutable(),
createdAt: $this->now, new \DateTimeImmutable('+1 hour')
expiresAt: $this->now->modify('+7 days'),
)); ));
$this->useCase->execute('token-abc'); $this->logout->execute('session-token');
$this->assertNull($this->sessionRepo->findByToken('token-abc')); $this->assertNull($this->sessionRepo->findByToken('session-token'));
} }
public function test_unknown_token_does_not_throw(): void public function testDeletesMissingTokenIsIdempotent(): void
{ {
$this->useCase->execute('unknown-token'); $this->logout->execute('nonexistent-token');
$this->assertNull($this->sessionRepo->findByToken('unknown-token')); $this->assertNull($this->sessionRepo->findByToken('nonexistent-token'));
} }
} }