<?php
use App\Models\User;
use Laravel\Fortify\Features;
// Smoke test: an anonymous visitor can load the login page.
test('login screen can be rendered', function () {
    $loginPage = $this->get(route('login'));

    // assertOk() is the 200-status assertion.
    $loginPage->assertOk();
});
// After a successful login an admin account must be sent to the admin dashboard
// and be the authenticated user for the session.
test('admin user redirects to admin dashboard after login', function () {
    $admin = User::factory()->admin()->create();

    $credentials = [
        'email' => $admin->email,
        // presumably the factory's default password — confirm in UserFactory
        'password' => 'password',
    ];

    $loginResponse = $this->post(route('login.store'), $credentials);

    $loginResponse->assertSessionHasNoErrors();
    // Literal path rather than route(); pin it to a named route if one exists.
    $loginResponse->assertRedirect('/admin/dashboard');

    $this->assertAuthenticatedAs($admin);
});
// After a successful login an individual (client) account must be sent to the
// client dashboard and be the authenticated user for the session.
test('client user redirects to client dashboard after login', function () {
    $client = User::factory()->individual()->create();

    $credentials = [
        'email' => $client->email,
        // presumably the factory's default password — confirm in UserFactory
        'password' => 'password',
    ];

    $loginResponse = $this->post(route('login.store'), $credentials);

    $loginResponse->assertSessionHasNoErrors();
    // Literal path rather than route(); pin it to a named route if one exists.
    $loginResponse->assertRedirect('/client/dashboard');

    $this->assertAuthenticatedAs($client);
});
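// A known account supplying the wrong password must remain unauthenticated.
test('users can not authenticate with invalid password', function () {
    $user = User::factory()->create();

    // The response is not captured: the original stored it in an unused local
    // and only the resulting auth state is asserted on.
    $this->post(route('login.store'), [
        'email' => $user->email,
        'password' => 'wrong-password',
    ]);

    $this->assertGuest();
});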
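// Logging in with an email that matches no account must not create a session.
// NOTE(review): the test name promises an error is shown, but only the guest
// state is asserted; add a session-errors assertion once the error key the
// login controller uses is confirmed.
test('nonexistent user shows error', function () {
    // The response is not captured: the original stored it in an unused local.
    $this->post(route('login.store'), [
        'email' => 'nonexistent@example.com',
        'password' => 'password',
    ]);

    $this->assertGuest();
});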
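// A deactivated account must be refused even with valid credentials.
test('deactivated user cannot login', function () {
    $user = User::factory()->deactivated()->create();

    // The response is not captured: the original stored it in an unused local
    // and only the resulting auth state is asserted on.
    $this->post(route('login.store'), [
        'email' => $user->email,
        // presumably the factory's default password — confirm in UserFactory
        'password' => 'password',
    ]);

    $this->assertGuest();
});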
// The login endpoint must lock the caller out after five failed attempts.
// The threshold of five is assumed to match the throttle configuration — confirm
// against the rate limiter setup. A follow-up assertion that the *correct* password
// is also rejected while locked out would prove the lockout is credential-independent.
test('rate limiting blocks after five attempts', function () {
    $user = User::factory()->create();

    $badCredentials = [
        'email' => $user->email,
        'password' => 'wrong-password',
    ];

    // Exhaust the allowance with five failures; their responses are deliberately ignored.
    foreach (range(1, 5) as $attempt) {
        $this->post(route('login.store'), $badCredentials);
    }

    // The sixth attempt must be rejected with 429 Too Many Requests.
    $throttled = $this->post(route('login.store'), $badCredentials);

    $throttled->assertStatus(429);
});
// With 2FA enabled, a correct password must lead to the challenge page without
// establishing a session — the second factor has to be passed first.
test('users with two factor enabled are redirected to two factor challenge', function () {
    if (! Features::canManageTwoFactorAuthentication()) {
        $this->markTestSkipped('Two-factor authentication is not enabled.');
    }

    $user = User::factory()->withTwoFactor()->create();

    $this
        ->post(route('login.store'), [
            'email' => $user->email,
            // presumably the factory's default password — confirm in UserFactory
            'password' => 'password',
        ])
        ->assertRedirect(route('two-factor.login'));

    // The password alone must not authenticate the user.
    $this->assertGuest();
});
// Logging out sends the user home and ends the authenticated session.
test('users can logout', function () {
    $user = User::factory()->create();

    $this->actingAs($user)
        ->post(route('logout'))
        ->assertRedirect(route('home'));

    $this->assertGuest();
});
// Authenticated state must flip to guest once the logout route is posted.
// NOTE(review): only the auth state is checked; if the logout controller is meant
// to invalidate the session and regenerate the token, assert that explicitly.
test('logout clears session', function () {
    $user = User::factory()->create();

    $this->actingAs($user);
    // Sanity check that the fixture really is logged in before logging out.
    $this->assertAuthenticated();

    $this->post(route('logout'));

    $this->assertGuest();
});
// An already-authenticated user asking for the login page is redirected away.
// NOTE(review): assertRedirect() with no argument accepts any redirect target;
// pass the expected destination once it is known.
test('authenticated user cannot access login page', function () {
    $user = User::factory()->create();

    $this->actingAs($user)
        ->get(route('login'))
        ->assertRedirect();
});
// A failed login must leave an audit record in admin_logs.
// NOTE(review): the assertion matches any 'failed_login' row for a 'user' target;
// if admin_logs carries a target id column, pinning it to $user->id would make
// the check specific to this attempt — confirm the table schema.
test('failed login attempts are logged', function () {
    $user = User::factory()->create();

    $this->post(route('login.store'), [
        'email' => $user->email,
        'password' => 'wrong-password',
    ]);

    $expectedLogRow = [
        'action' => 'failed_login',
        'target_type' => 'user',
    ];

    $this->assertDatabaseHas('admin_logs', $expectedLogRow);
});