chatroom/tests/Feature/AuthControllerTest.php


<?php
namespace Tests\Feature;
use App\Models\Sysparam;
use App\Models\User;
use App\Models\UsernameBlacklist;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Redis;
use Illuminate\Support\Facades\Validator;
use Tests\TestCase;
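/**
 * Feature tests for the combined login/registration endpoint (POST /login)
 * and for POST /logout.
 *
 * The tests cover first-login registration, the username blacklist, the
 * legacy MD5 -> Hash facade password upgrade, and the two ban mechanisms
 * visible here: account-level (user_level = -1) and IP-level (Redis set
 * "banned_ips").
 */
class AuthControllerTest extends TestCase
{
    use RefreshDatabase;

    /**
     * Prepare shared fixtures: a captcha rule that always passes and the
     * "superlevel" system parameter.
     */
    protected function setUp(): void
    {
        parent::setUp();

        // Replace the captcha rule with one that always passes, so the
        // literal '1234' sent by every test is accepted. Captcha enforcement
        // itself is therefore NOT exercised by this class.
        Validator::extend('captcha', function () {
            return true;
        });

        // Seed the "superlevel" system parameter with a default value.
        Sysparam::updateOrCreate(
            ['alias' => 'superlevel'],
            ['body' => '100']
        );
    }

    /**
     * Stub the banned-IP lookup for the test client address.
     *
     * Only the exact call sismember('banned_ips', '127.0.0.1') is stubbed;
     * no call count is enforced, so the stub is satisfied by zero or more
     * lookups.
     *
     * @param bool $isBanned value the Redis set-membership check should report
     */
    private function mockBannedIpLookup(bool $isBanned): void
    {
        Redis::shouldReceive('sismember')
            ->with('banned_ips', '127.0.0.1')
            ->andReturn($isBanned);
    }

    /**
     * An unknown username posted to /login creates the account, with the
     * lowest user level, and signs the user in.
     */
    public function test_can_register_new_user(): void
    {
        $this->mockBannedIpLookup(false);

        $response = $this->postJson('/login', [
            'username' => 'newuser',
            'password' => 'secret123',
            'captcha' => '1234',
            'bSex' => '1',
        ]);

        $response->assertStatus(200)
            ->assertJsonPath('status', 'success');

        // A freshly registered account must not start with elevated rights.
        $this->assertDatabaseHas('users', [
            'username' => 'newuser',
            'user_level' => 1,
            'sex' => 1,
        ]);
        $this->assertAuthenticated();
    }

    /**
     * A username on the permanent blacklist is rejected with 422 and no
     * account is created.
     */
    public function test_cannot_register_with_blacklisted_username(): void
    {
        $this->mockBannedIpLookup(false);

        UsernameBlacklist::create([
            'username' => 'admin',
            'type' => 'permanent',
        ]);

        $response = $this->postJson('/login', [
            'username' => 'admin',
            'password' => 'secret123',
            'captcha' => '1234',
        ]);

        $response->assertStatus(422)
            ->assertJsonPath('status', 'error');

        // The rejection must happen before any row is written.
        $this->assertDatabaseMissing('users', [
            'username' => 'admin',
        ]);
        $this->assertGuest();
    }

    /**
     * An existing user with a Hash-facade password can log in.
     */
    public function test_can_login_existing_user(): void
    {
        $this->mockBannedIpLookup(false);

        $user = User::factory()->create([
            'username' => 'testuser',
            'password' => Hash::make('password123'),
        ]);

        $response = $this->postJson('/login', [
            'username' => 'testuser',
            'password' => 'password123',
            'captcha' => '1234',
        ]);

        $response->assertStatus(200)
            ->assertJsonPath('status', 'success');
        $this->assertAuthenticatedAs($user);
    }

    /**
     * A user whose stored password is a legacy unsalted MD5 digest can still
     * log in, and the stored value is replaced by a Hash-facade hash as part
     * of that login.
     */
    public function test_login_md5_user_upgrades_to_bcrypt(): void
    {
        $this->mockBannedIpLookup(false);

        $password = 'oldsecret';
        $user = User::factory()->create([
            'username' => 'olduser',
            'password' => 'temp',
        ]);

        // Write the raw MD5 digest through the query builder rather than the
        // model. NOTE(review): presumably this avoids a hashing cast/mutator
        // on User::password; confirm against the model.
        \Illuminate\Support\Facades\DB::table('users')
            ->where('id', $user->id)
            ->update(['password' => md5($password)]);

        $response = $this->postJson('/login', [
            'username' => 'olduser',
            'password' => $password,
            'captcha' => '1234',
        ]);

        // The leftover dd() debug dump was removed: it aborted the whole
        // test process on failure instead of letting the assertion report it.
        $response->assertStatus(200)
            ->assertJsonPath('status', 'success');

        $user->refresh();

        // The legacy digest must be gone and the replacement must verify
        // through the Hash facade.
        $this->assertNotSame(md5($password), $user->password);
        $this->assertTrue(Hash::check($password, $user->password));
        $this->assertAuthenticatedAs($user);
    }

    /**
     * A user flagged as banned (user_level = -1) is refused with 403 even
     * when the password is correct.
     *
     * NOTE(review): unlike the other login tests, no Redis expectation is
     * set here. If the controller performs the banned-IP lookup before the
     * account-level check, this test talks to the real Redis facade;
     * confirm the order of checks or stub the lookup.
     */
    public function test_banned_user_cannot_login(): void
    {
        User::factory()->create([
            'username' => 'banneduser',
            'password' => Hash::make('secret123'),
            'user_level' => -1, // banned
        ]);

        $response = $this->postJson('/login', [
            'username' => 'banneduser',
            'password' => 'secret123',
            'captcha' => '1234',
        ]);

        $response->assertStatus(403)
            ->assertJsonPath('status', 'error');
        $this->assertGuest();
    }

    /**
     * A request from an IP in the "banned_ips" Redis set is refused with 403
     * even when the credentials are valid.
     */
    public function test_banned_ip_cannot_login(): void
    {
        $this->mockBannedIpLookup(true);

        User::factory()->create([
            'username' => 'normaluser',
            'password' => Hash::make('secret'),
        ]);

        $response = $this->postJson('/login', [
            'username' => 'normaluser',
            'password' => 'secret',
            'captcha' => '1234',
        ]);

        $response->assertStatus(403);
        $this->assertGuest();
    }

    /**
     * POST /logout ends the session and redirects to the site root.
     */
    public function test_can_logout(): void
    {
        /** @var \App\Models\User $user */
        $user = User::factory()->create();

        $response = $this->actingAs($user)->post('/logout');

        $response->assertRedirect('/');
        $this->assertGuest();
    }
}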