yisroelbaum/Rabbi_Gerzi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: yisroelbaum:9d5bfc33a6e4c3e8b0f7554edbd41e8d73de4bd9
Branches Tags
yisroelbaum:master
...
compare: yisroelbaum:4702758984ba2d9e27448628dd69d91178b99d69
Branches Tags
yisroelbaum:master

9 commits
9d5bfc33a6 ... 4702758984

Author SHA1 Message Date
Yisroel Baum
4702758984
Merge branch 'copy-user-auth-from-ysv' 2026-05-18 22:14:25 +03:00
Yisroel Baum
883f83814c
fix backend process compose 2026-05-18 22:13:29 +03:00
Yisroel Baum
383a8a0fbd
add idempotent logout for missing token test 2026-05-18 22:06:46 +03:00
Yisroel Baum
7c996ade74
add timestamp and persistence assertions for create session 2026-05-18 22:06:38 +03:00
Yisroel Baum
1c5d09f09c
add empty string tests for authenticate 2026-05-18 22:06:26 +03:00
Yisroel Baum
64acbfad60
extract auth test fakes 2026-05-18 22:01:45 +03:00
Yisroel Baum
ae07a6ff7c
remove web from routing 2026-05-18 21:46:50 +03:00
Yisroel Baum
410b752183
add unit tests for user and auth 2026-05-18 21:36:10 +03:00
Yisroel Baum
613180d459
copy user entity and auth from ysv 2026-05-18 21:32:55 +03:00
35 changed files with 989 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
backend/app/Auth/BcryptPasswordHasher.php Normal file
View file

@ -0,0 +1,16 @@
<?php
namespace App\Auth;
class BcryptPasswordHasher implements PasswordHasher
{
public function hash(string $password): string
{
return password_hash($password, PASSWORD_DEFAULT);
}
public function verify(string $password, string $hash): bool
{
return password_verify($password, $hash);
}
}

10
backend/app/Auth/Clock.php Normal file
View file

@ -0,0 +1,10 @@
<?php
namespace App\Auth;
use DateTimeImmutable;
interface Clock
{
public function now(): DateTimeImmutable;
}

16
backend/app/Auth/CreateSessionDto.php Normal file
View file

@ -0,0 +1,16 @@
<?php
namespace App\Auth;
use App\User\User;
use DateTimeImmutable;
class CreateSessionDto
{
public function __construct(
public string $token,
public User $user,
public DateTimeImmutable $createdAt,
public DateTimeImmutable $expiresAt,
) {}
}

60
backend/app/Auth/EloquentSessionRepository.php Normal file
View file

@ -0,0 +1,60 @@
<?php
namespace App\Auth;
use App\User\UserRepository;
use DateTimeImmutable;
use DateTimeZone;
class EloquentSessionRepository implements SessionRepository
{
public function __construct(private UserRepository $userRepo) {}
public function create(CreateSessionDto $dto): Session
{
SessionModel::create([
'token' => $dto->token,
'user_id' => $dto->user->getId(),
'created_at' => $dto->createdAt,
'expires_at' => $dto->expiresAt,
]);
return new Session(
token: $dto->token,
user: $dto->user,
createdAt: $dto->createdAt,
expiresAt: $dto->expiresAt,
);
}
public function findByToken(string $token): ?Session
{
$model = SessionModel::find($token);
if ($model === null) {
return null;
}
$user = $this->userRepo->find($model->user_id);
if ($user === null) {
return null;
}
$utc = new DateTimeZone('UTC');
return new Session(
token: $model->token,
user: $user,
createdAt: new DateTimeImmutable(
$model->created_at->toDateTimeString(),
$utc
),
expiresAt: new DateTimeImmutable(
$model->expires_at->toDateTimeString(),
$utc
),
);
}
public function deleteByToken(string $token): void
{
SessionModel::where('token', $token)->delete();
}
}

10
backend/app/Auth/PasswordHasher.php Normal file
View file

@ -0,0 +1,10 @@
<?php
namespace App\Auth;
interface PasswordHasher
{
public function hash(string $password): string;
public function verify(string $password, string $hash): bool;
}

11
backend/app/Auth/RandomTokenGenerator.php Normal file
View file

@ -0,0 +1,11 @@
<?php
namespace App\Auth;
class RandomTokenGenerator implements TokenGenerator
{
public function generate(): string
{
return bin2hex(random_bytes(32));
}
}

41
backend/app/Auth/Session.php Normal file
View file

@ -0,0 +1,41 @@
<?php
namespace App\Auth;
use App\User\User;
use DateTimeImmutable;
class Session
{
public function __construct(
private string $token,
private User $user,
private DateTimeImmutable $createdAt,
private DateTimeImmutable $expiresAt,
) {}
public function getToken(): string
{
return $this->token;
}
public function getUser(): User
{
return $this->user;
}
public function getCreatedAt(): DateTimeImmutable
{
return $this->createdAt;
}
public function getExpiresAt(): DateTimeImmutable
{
return $this->expiresAt;
}
public function isExpired(DateTimeImmutable $now): bool
{
return $now >= $this->expiresAt;
}
}

44
backend/app/Auth/SessionModel.php Normal file
View file

@ -0,0 +1,44 @@
<?php
namespace App\Auth;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\Carbon;
/**
* @property string $token
* @property int $user_id
* @property Carbon $created_at
* @property Carbon $expires_at
*
* @method static Builder<static>|SessionModel newModelQuery()
* @method static Builder<static>|SessionModel newQuery()
* @method static Builder<static>|SessionModel query()
*
* @mixin \Eloquent
*/
class SessionModel extends Model
{
protected $table = 'sessions';
protected $primaryKey = 'token';
public $incrementing = false;
protected $keyType = 'string';
public $timestamps = false;
protected $fillable = [
'token',
'user_id',
'created_at',
'expires_at',
];
protected $casts = [
'created_at' => 'datetime',
'expires_at' => 'datetime',
];
}

12
backend/app/Auth/SessionRepository.php Normal file
View file

@ -0,0 +1,12 @@
<?php
namespace App\Auth;
interface SessionRepository
{
public function create(CreateSessionDto $dto): Session;
public function findByToken(string $token): ?Session;
public function deleteByToken(string $token): void;
}

14
backend/app/Auth/SystemClock.php Normal file
View file

@ -0,0 +1,14 @@
<?php
namespace App\Auth;
use DateTimeImmutable;
use DateTimeZone;
class SystemClock implements Clock
{
public function now(): DateTimeImmutable
{
return new DateTimeImmutable('now', new DateTimeZone('UTC'));
}
}

8
backend/app/Auth/TokenGenerator.php Normal file
View file

@ -0,0 +1,8 @@
<?php
namespace App\Auth;
interface TokenGenerator
{
public function generate(): string;
}

49
backend/app/Auth/UseCases/AuthenticateUser/AuthenticateUser.php Normal file
View file

@ -0,0 +1,49 @@
<?php
namespace App\Auth\UseCases\AuthenticateUser;
use App\Auth\PasswordHasher;
use App\Exceptions\BadRequestException;
use App\Exceptions\UnauthorizedException;
use App\Shared\ValueObject\EmailAddress;
use App\User\User;
use App\User\UserRepository;
class AuthenticateUser
{
public function __construct(
private UserRepository $userRepo,
private PasswordHasher $hasher,
) {}
/**
* @throws BadRequestException
* @throws UnauthorizedException
*/
public function execute(AuthenticateUserRequest $request): User
{
if ($request->email === null || $request->email === '') {
throw new BadRequestException('email is required');
}
if ($request->password === null || $request->password === '') {
throw new BadRequestException('password is required');
}
$user = $this->userRepo->findByEmail(
new EmailAddress($request->email)
);
if ($user === null) {
throw new UnauthorizedException('invalid credentials');
}
$passwordMatches = $this->hasher->verify(
$request->password,
$user->getPasswordHash(),
);
if (! $passwordMatches) {
throw new UnauthorizedException('invalid credentials');
}
return $user;
}
}

11
backend/app/Auth/UseCases/AuthenticateUser/AuthenticateUserRequest.php Normal file
View file

@ -0,0 +1,11 @@
<?php
namespace App\Auth\UseCases\AuthenticateUser;
class AuthenticateUserRequest
{
public function __construct(
public ?string $email,
public ?string $password,
) {}
}

34
backend/app/Auth/UseCases/CreateSession/CreateSession.php Normal file
View file

@ -0,0 +1,34 @@
<?php
namespace App\Auth\UseCases\CreateSession;
use App\Auth\Clock;
use App\Auth\CreateSessionDto;
use App\Auth\Session;
use App\Auth\SessionRepository;
use App\Auth\TokenGenerator;
use App\User\User;
class CreateSession
{
private const SESSION_LIFETIME = '+7 days';
public function __construct(
private SessionRepository $sessionRepo,
private TokenGenerator $tokenGenerator,
private Clock $clock,
) {}
public function execute(User $user): Session
{
$now = $this->clock->now();
$expiresAt = $now->modify(self::SESSION_LIFETIME);
return $this->sessionRepo->create(new CreateSessionDto(
token: $this->tokenGenerator->generate(),
user: $user,
createdAt: $now,
expiresAt: $expiresAt,
));
}
}

17
backend/app/Auth/UseCases/Logout/Logout.php Normal file
View file

@ -0,0 +1,17 @@
<?php
namespace App\Auth\UseCases\Logout;
use App\Auth\SessionRepository;
class Logout
{
public function __construct(
private SessionRepository $sessionRepo,
) {}
public function execute(string $token): void
{
$this->sessionRepo->deleteByToken($token);
}
}

7
backend/app/Exceptions/BadRequestException.php Normal file
View file

@ -0,0 +1,7 @@
<?php
namespace App\Exceptions;
use DomainException;
class BadRequestException extends DomainException {}

7
backend/app/Exceptions/UnauthorizedException.php Normal file
View file

@ -0,0 +1,7 @@
<?php
namespace App\Exceptions;
use DomainException;
class UnauthorizedException extends DomainException {}

51
backend/app/Http/Middleware/AuthMiddleware.php Normal file
View file

@ -0,0 +1,51 @@
<?php
namespace App\Http\Middleware;
use App\Auth\Clock;
use App\Auth\SessionRepository;
use Closure;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class AuthMiddleware
{
public const COOKIE_NAME = 'auth_token';
public function __construct(
private SessionRepository $sessionRepo,
private Clock $clock,
) {}
/**
* @param Closure(Request): Response $next
*/
public function handle(Request $request, Closure $next): Response
{
$token = $request->cookie(self::COOKIE_NAME);
if (! is_string($token) || $token === '') {
return $this->unauthorized();
}
$session = $this->sessionRepo->findByToken($token);
if ($session === null) {
return $this->unauthorized();
}
if ($session->isExpired($this->clock->now())) {
$this->sessionRepo->deleteByToken($token);
return $this->unauthorized();
}
$request->attributes->set('user', $session->getUser());
return $next($request);
}
private function unauthorized(): JsonResponse
{
return new JsonResponse(['error' => 'unauthenticated'], 401);
}
}

54
backend/app/Shared/ValueObject/EmailAddress.php Normal file
View file

@ -0,0 +1,54 @@
<?php
namespace App\Shared\ValueObject;
use InvalidArgumentException;
final readonly class EmailAddress
{
private string $normalized;
private string $domain;
private const ERROR_MESSAGE = 'Invalid email address:';
public function __construct(string $email)
{
$trimmed = trim($email);
if ($trimmed === '' || ! str_contains($trimmed, '@')) {
throw new InvalidArgumentException(self::ERROR_MESSAGE." $email");
}
[$local, $domain] = explode('@', $trimmed, 2);
$this->domain = mb_strtolower($domain);
$normalized = $local.'@'.$this->domain;
if (filter_var($normalized, FILTER_VALIDATE_EMAIL) === false) {
throw new InvalidArgumentException(self::ERROR_MESSAGE." $email");
}
$this->normalized = $normalized;
}
public function value(): string
{
return $this->normalized;
}
public function equals(self $other): bool
{
return $this->normalized === $other->normalized;
}
public function getDomain(): string
{
return $this->domain;
}
public function __toString(): string
{
return $this->normalized;
}
}

13
backend/app/User/CreateUserDto.php Normal file
View file

@ -0,0 +1,13 @@
<?php
namespace App\User;
use App\Shared\ValueObject\EmailAddress;
class CreateUserDto
{
public function __construct(
public EmailAddress $email,
public string $passwordHash,
) {}
}

52
backend/app/User/EloquentUserRepository.php Normal file
View file

@ -0,0 +1,52 @@
<?php
namespace App\User;
use App\Shared\ValueObject\EmailAddress;
class EloquentUserRepository implements UserRepository
{
public function create(CreateUserDto $dto): User
{
$model = UserModel::create([
'email' => $dto->email->value(),
'password_hash' => $dto->passwordHash,
]);
return $this->toDomain($model);
}
public function findByEmail(EmailAddress $email): ?User
{
$model = UserModel::where('email', $email->value())->first();
return $model === null ? null : $this->toDomain($model);
}
public function findByEmailDomain(string $domain): array
{
$models = UserModel::where('email', 'like', '%@'.$domain)->get();
$users = [];
foreach ($models as $model) {
$users[] = $this->toDomain($model);
}
return $users;
}
public function find(int $id): ?User
{
$model = UserModel::find($id);
return $model === null ? null : $this->toDomain($model);
}
private function toDomain(UserModel $model): User
{
return new User(
id: $model->id,
email: new EmailAddress($model->email),
passwordHash: $model->password_hash,
);
}
}

29
backend/app/User/User.php Normal file
View file

@ -0,0 +1,29 @@
<?php
namespace App\User;
use App\Shared\ValueObject\EmailAddress;
class User
{
public function __construct(
private int $id,
private EmailAddress $email,
private string $passwordHash,
) {}
public function getId(): int
{
return $this->id;
}
public function getEmail(): EmailAddress
{
return $this->email;
}
public function getPasswordHash(): string
{
return $this->passwordHash;
}
}

27
backend/app/User/UserModel.php Normal file
View file

@ -0,0 +1,27 @@
<?php
namespace App\User;
use Illuminate\Database\Eloquent\Model;
/**
* @property int $id
* @property string $email
* @property string $password_hash
*
* @method static \Illuminate\Database\Eloquent\Builder<static>|UserModel newModelQuery()
* @method static \Illuminate\Database\Eloquent\Builder<static>|UserModel newQuery()
* @method static \Illuminate\Database\Eloquent\Builder<static>|UserModel query()
* @method static \Illuminate\Database\Eloquent\Builder<static>|UserModel whereEmail($value)
* @method static \Illuminate\Database\Eloquent\Builder<static>|UserModel whereId($value)
*
* @mixin \Eloquent
*/
class UserModel extends Model
{
protected $table = 'users';
public $timestamps = false;
protected $fillable = ['email', 'password_hash'];
}

19
backend/app/User/UserRepository.php Normal file
View file

@ -0,0 +1,19 @@
<?php
namespace App\User;
use App\Shared\ValueObject\EmailAddress;
interface UserRepository
{
public function create(CreateUserDto $dto): User;
public function findByEmail(EmailAddress $email): ?User;
/**
* @return User[]
*/
public function findByEmailDomain(string $domain): array;
public function find(int $id): ?User;
}

1
backend/bootstrap/app.php
View file

@ -6,7 +6,6 @@ use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)

15
backend/tests/Fakes/FakeClock.php Normal file
View file

@ -0,0 +1,15 @@
<?php
namespace Tests\Fakes;
use App\Auth\Clock;
use DateTimeImmutable;
use DateTimeZone;
class FakeClock implements Clock
{
public function now(): DateTimeImmutable
{
return new DateTimeImmutable('2026-05-18 12:00:00', new DateTimeZone('UTC'));
}
}

18
backend/tests/Fakes/FakeHasher.php Normal file
View file

@ -0,0 +1,18 @@
<?php
namespace Tests\Fakes;
use App\Auth\PasswordHasher;
class FakeHasher implements PasswordHasher
{
public function hash(string $password): string
{
return 'hashed-' . $password;
}
public function verify(string $password, string $hash): bool
{
return $hash === 'hashed-' . $password;
}
}

47
backend/tests/Fakes/FakeSessionRepository.php Normal file
View file

@ -0,0 +1,47 @@
<?php
namespace Tests\Fakes;
use App\Auth\CreateSessionDto;
use App\Auth\Session;
use App\Auth\SessionRepository;
use DateTimeImmutable;
class FakeSessionRepository implements SessionRepository
{
private array $sessionsByToken = [];
public function create(CreateSessionDto $dto): Session
{
$session = new Session(
$dto->token,
$dto->user,
$dto->createdAt,
$dto->expiresAt
);
$this->sessionsByToken[$dto->token] = $session;
return $session;
}
public function findByToken(string $token): ?Session
{
if (! isset($this->sessionsByToken[$token])) {
return null;
}
$stored = $this->sessionsByToken[$token];
return new Session(
$stored->getToken(),
$stored->getUser(),
$stored->getCreatedAt(),
$stored->getExpiresAt()
);
}
public function deleteByToken(string $token): void
{
unset($this->sessionsByToken[$token]);
}
}

13
backend/tests/Fakes/FakeTokenGenerator.php Normal file
View file

@ -0,0 +1,13 @@
<?php
namespace Tests\Fakes;
use App\Auth\TokenGenerator;
class FakeTokenGenerator implements TokenGenerator
{
public function generate(): string
{
return 'fake-token-123';
}
}

70
backend/tests/Fakes/FakeUserRepository.php Normal file
View file

@ -0,0 +1,70 @@
<?php
namespace Tests\Fakes;
use App\Shared\ValueObject\EmailAddress;
use App\User\CreateUserDto;
use App\User\User;
use App\User\UserRepository;
class FakeUserRepository implements UserRepository
{
private array $usersById = [];
private array $usersByEmail = [];
public function create(CreateUserDto $dto): User
{
$id = count($this->usersById) + 1;
$user = new User($id, $dto->email, $dto->passwordHash);
$this->usersById[$id] = $user;
$this->usersByEmail[$dto->email->value()] = $user;
return $user;
}
public function findByEmail(EmailAddress $email): ?User
{
if (! isset($this->usersByEmail[$email->value()])) {
return null;
}
$stored = $this->usersByEmail[$email->value()];
return new User(
$stored->getId(),
$stored->getEmail(),
$stored->getPasswordHash()
);
}
public function findByEmailDomain(string $domain): array
{
$result = [];
foreach ($this->usersByEmail as $email => $stored) {
if (str_ends_with($email, '@' . $domain)) {
$result[] = new User(
$stored->getId(),
$stored->getEmail(),
$stored->getPasswordHash()
);
}
}
return $result;
}
public function find(int $id): ?User
{
if (! isset($this->usersById[$id])) {
return null;
}
$stored = $this->usersById[$id];
return new User(
$stored->getId(),
$stored->getEmail(),
$stored->getPasswordHash()
);
}
}

99
backend/tests/Unit/Auth/UseCases/AuthenticateUserTest.php Normal file
View file

@ -0,0 +1,99 @@
<?php
namespace Tests\Unit\Auth\UseCases;
use App\Auth\PasswordHasher;
use App\Auth\UseCases\AuthenticateUser\AuthenticateUser;
use App\Auth\UseCases\AuthenticateUser\AuthenticateUserRequest;
use App\Exceptions\BadRequestException;
use App\Exceptions\UnauthorizedException;
use App\Shared\ValueObject\EmailAddress;
use App\User\CreateUserDto;
use App\User\User;
use PHPUnit\Framework\TestCase;
use Tests\Fakes\FakeHasher;
use Tests\Fakes\FakeUserRepository;
class AuthenticateUserTest extends TestCase
{
private FakeUserRepository $userRepo;
private PasswordHasher $hasher;
private AuthenticateUser $authenticateUser;
protected function setUp(): void
{
$this->userRepo = new FakeUserRepository();
$this->hasher = new FakeHasher();
$this->authenticateUser = new AuthenticateUser($this->userRepo, $this->hasher);
}
public function testAuthenticatesValidUser(): void
{
$email = new EmailAddress('user@example.com');
$this->userRepo->create(new CreateUserDto($email, 'hashed-secret'));
$request = new AuthenticateUserRequest('user@example.com', 'secret');
$user = $this->authenticateUser->execute($request);
$this->assertInstanceOf(User::class, $user);
$this->assertSame('user@example.com', $user->getEmail()->value());
}
public function testThrowsWhenEmailMissing(): void
{
$this->expectException(BadRequestException::class);
$this->expectExceptionMessage('email is required');
$request = new AuthenticateUserRequest(null, 'secret');
$this->authenticateUser->execute($request);
}
public function testThrowsWhenPasswordMissing(): void
{
$this->expectException(BadRequestException::class);
$this->expectExceptionMessage('password is required');
$request = new AuthenticateUserRequest('user@example.com', null);
$this->authenticateUser->execute($request);
}
public function testThrowsWhenEmailEmpty(): void
{
$this->expectException(BadRequestException::class);
$this->expectExceptionMessage('email is required');
$request = new AuthenticateUserRequest('', 'secret');
$this->authenticateUser->execute($request);
}
public function testThrowsWhenPasswordEmpty(): void
{
$this->expectException(BadRequestException::class);
$this->expectExceptionMessage('password is required');
$request = new AuthenticateUserRequest('user@example.com', '');
$this->authenticateUser->execute($request);
}
public function testThrowsWhenUserNotFound(): void
{
$this->expectException(UnauthorizedException::class);
$this->expectExceptionMessage('invalid credentials');
$request = new AuthenticateUserRequest('missing@example.com', 'secret');
$this->authenticateUser->execute($request);
}
public function testThrowsWhenPasswordIncorrect(): void
{
$email = new EmailAddress('user@example.com');
$this->userRepo->create(new CreateUserDto($email, 'hashed-secret'));
$this->expectException(UnauthorizedException::class);
$this->expectExceptionMessage('invalid credentials');
$request = new AuthenticateUserRequest('user@example.com', 'wrong');
$this->authenticateUser->execute($request);
}
}

47
backend/tests/Unit/Auth/UseCases/CreateSessionTest.php Normal file
View file

@ -0,0 +1,47 @@
<?php
namespace Tests\Unit\Auth\UseCases;
use App\Auth\Clock;
use App\Auth\UseCases\CreateSession\CreateSession;
use App\Shared\ValueObject\EmailAddress;
use App\User\User;
use PHPUnit\Framework\TestCase;
use Tests\Fakes\FakeClock;
use Tests\Fakes\FakeSessionRepository;
use Tests\Fakes\FakeTokenGenerator;
class CreateSessionTest extends TestCase
{
private FakeSessionRepository $sessionRepo;
private FakeTokenGenerator $tokenGenerator;
private Clock $clock;
private CreateSession $createSession;
protected function setUp(): void
{
$this->sessionRepo = new FakeSessionRepository();
$this->tokenGenerator = new FakeTokenGenerator();
$this->clock = new FakeClock();
$this->createSession = new CreateSession($this->sessionRepo, $this->tokenGenerator, $this->clock);
}
public function testCreatesSessionForUser(): void
{
$email = new EmailAddress('user@example.com');
$user = new User(1, $email, 'hashed-password');
$session = $this->createSession->execute($user);
$this->assertSame('fake-token-123', $session->getToken());
$this->assertSame($user, $session->getUser());
$this->assertFalse($session->isExpired($this->clock->now()));
$this->assertSame('2026-05-18 12:00:00', $session->getCreatedAt()->format('Y-m-d H:i:s'));
$this->assertSame('2026-05-25 12:00:00', $session->getExpiresAt()->format('Y-m-d H:i:s'));
$stored = $this->sessionRepo->findByToken($session->getToken());
$this->assertNotNull($stored);
$this->assertSame('fake-token-123', $stored->getToken());
}
}

46
backend/tests/Unit/Auth/UseCases/LogoutTest.php Normal file
View file

@ -0,0 +1,46 @@
<?php
namespace Tests\Unit\Auth\UseCases;
use App\Auth\CreateSessionDto;
use App\Auth\UseCases\Logout\Logout;
use App\Shared\ValueObject\EmailAddress;
use App\User\User;
use PHPUnit\Framework\TestCase;
use Tests\Fakes\FakeSessionRepository;
class LogoutTest extends TestCase
{
private FakeSessionRepository $sessionRepo;
private Logout $logout;
protected function setUp(): void
{
$this->sessionRepo = new FakeSessionRepository();
$this->logout = new Logout($this->sessionRepo);
}
public function testDeletesSessionByToken(): void
{
$email = new EmailAddress('user@example.com');
$user = new User(1, $email, 'hashed-password');
$session = $this->sessionRepo->create(new CreateSessionDto(
'session-token',
$user,
new \DateTimeImmutable(),
new \DateTimeImmutable('+1 hour')
));
$this->logout->execute('session-token');
$this->assertNull($this->sessionRepo->findByToken('session-token'));
}
public function testDeletesMissingTokenIsIdempotent(): void
{
$this->logout->execute('nonexistent-token');
$this->assertNull($this->sessionRepo->findByToken('nonexistent-token'));
}
}

20
backend/tests/Unit/User/UserTest.php Normal file
View file

@ -0,0 +1,20 @@
<?php
namespace Tests\Unit\User;
use App\Shared\ValueObject\EmailAddress;
use App\User\User;
use PHPUnit\Framework\TestCase;
class UserTest extends TestCase
{
public function testCreatesUserWithPasswordHash(): void
{
$email = new EmailAddress('test@example.com');
$user = new User(1, $email, 'hashed-password');
$this->assertSame(1, $user->getId());
$this->assertSame($email, $user->getEmail());
$this->assertSame('hashed-password', $user->getPasswordHash());
}
}

4
process-compose.yml
View file

@ -12,8 +12,8 @@ processes:
period_seconds: 2
backend:
command: bash backend/bin/serve
working_dir: .
command: php artisan serve --host=127.0.0.1 --port=8000
working_dir: backend
depends_on:
postgres:
condition: process_healthy