2017-10-30 12:40:34 +08:00
|
|
|
<?php
|
|
|
|
|
2018-08-17 15:25:08 +08:00
|
|
|
namespace Tests;
|
|
|
|
|
2019-04-04 09:48:04 +08:00
|
|
|
use Cache;
|
2017-10-30 12:40:34 +08:00
|
|
|
use App\Events;
|
|
|
|
use App\Models\User;
|
2018-08-17 15:25:08 +08:00
|
|
|
use App\Models\Player;
|
2019-02-27 23:44:50 +08:00
|
|
|
use Illuminate\Support\Str;
|
2018-07-15 17:42:03 +08:00
|
|
|
use App\Mail\ForgotPassword;
|
2017-10-30 12:40:34 +08:00
|
|
|
use App\Services\Facades\Option;
|
2018-08-17 15:25:08 +08:00
|
|
|
use Illuminate\Support\Facades\URL;
|
2017-10-30 12:40:34 +08:00
|
|
|
use Illuminate\Support\Facades\Mail;
|
|
|
|
use Illuminate\Foundation\Testing\DatabaseTransactions;
|
|
|
|
|
|
|
|
class AuthControllerTest extends TestCase
|
|
|
|
{
|
|
|
|
use DatabaseTransactions;
|
|
|
|
|
2019-04-04 11:04:13 +08:00
|
|
|
protected function setUp(): void
|
|
|
|
{
|
|
|
|
parent::setUp();
|
|
|
|
app()->instance(\App\Rules\Captcha::class, new class extends \App\Rules\Captcha {
|
2019-04-19 19:36:36 +08:00
|
|
|
public function __construct(\GuzzleHttp\Client $client = null)
|
|
|
|
{
|
|
|
|
}
|
2019-04-04 11:04:13 +08:00
|
|
|
|
|
|
|
public function passes($attribute, $value)
|
|
|
|
{
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2017-10-30 12:40:34 +08:00
|
|
|
public function testLogin()
|
|
|
|
{
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->get('/auth/login')->assertSee('Log in');
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testHandleLogin()
|
|
|
|
{
|
|
|
|
$this->expectsEvents(Events\UserTryToLogin::class);
|
|
|
|
$this->expectsEvents(Events\UserLoggedIn::class);
|
|
|
|
|
|
|
|
$user = factory(User::class)->create();
|
2018-07-19 10:31:44 +08:00
|
|
|
$user->changePassword('12345678');
|
2019-03-23 11:06:36 +08:00
|
|
|
$player = factory(Player::class)->create(['uid' => $user->uid]);
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `identification` is empty
|
2019-04-05 08:58:00 +08:00
|
|
|
$this->postJson('/auth/login')->assertJsonValidationErrors('identification');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `password` is empty
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2019-03-14 00:30:53 +08:00
|
|
|
'/auth/login', ['identification' => $user->email]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if length of `password` is lower than 6
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/login', [
|
|
|
|
'identification' => $user->email,
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => '123',
|
2019-04-05 08:58:00 +08:00
|
|
|
])->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2018-02-24 16:05:07 +08:00
|
|
|
// Should return a warning if length of `password` is greater than 32
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/login', [
|
|
|
|
'identification' => $user->email,
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => Str::random(80),
|
2019-04-05 08:58:00 +08:00
|
|
|
])->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
$this->flushSession();
|
|
|
|
|
2018-08-17 22:54:26 +08:00
|
|
|
$loginFailsCacheKey = sha1('login_fails_'.get_client_ip());
|
2018-08-16 17:57:24 +08:00
|
|
|
|
2017-10-30 12:40:34 +08:00
|
|
|
// Logging in should be failed if password is wrong
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/login', [
|
|
|
|
'identification' => $user->email,
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => 'wrong-password',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
[
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 1,
|
|
|
|
'message' => trans('auth.validation.password'),
|
2019-03-02 22:58:37 +08:00
|
|
|
'login_fails' => 1,
|
2017-10-30 12:40:34 +08:00
|
|
|
]
|
2018-08-17 15:25:08 +08:00
|
|
|
);
|
2019-04-04 09:48:04 +08:00
|
|
|
$this->assertTrue(Cache::has($loginFailsCacheKey));
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
$this->flushSession();
|
|
|
|
|
|
|
|
// Should check captcha if there are too many fails
|
2019-04-04 09:48:04 +08:00
|
|
|
Cache::put($loginFailsCacheKey, 4);
|
|
|
|
$this->postJson(
|
2018-07-21 08:17:16 +08:00
|
|
|
'/auth/login', [
|
|
|
|
'identification' => $user->email,
|
|
|
|
'password' => '12345678',
|
2019-04-05 08:58:00 +08:00
|
|
|
])->assertJsonValidationErrors('captcha');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2019-04-04 09:48:04 +08:00
|
|
|
Cache::flush();
|
2017-10-30 12:40:34 +08:00
|
|
|
$this->flushSession();
|
|
|
|
|
|
|
|
// Should return a warning if user isn't existed
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/login', [
|
|
|
|
'identification' => 'nope@nope.net',
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => '12345678',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 2,
|
|
|
|
'message' => trans('auth.validation.user'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
|
|
|
|
|
|
|
$this->flushSession();
|
|
|
|
|
|
|
|
// Should clean the `login_fails` session if logged in successfully
|
2019-04-04 09:48:04 +08:00
|
|
|
Cache::put($loginFailsCacheKey, 1);
|
|
|
|
$this->postJson('/auth/login', [
|
2017-10-30 12:40:34 +08:00
|
|
|
'identification' => $user->email,
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => '12345678',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
[
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 0,
|
|
|
|
'message' => trans('auth.login.success'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]
|
2018-08-16 17:57:24 +08:00
|
|
|
);
|
2019-04-04 09:48:04 +08:00
|
|
|
$this->assertFalse(Cache::has($loginFailsCacheKey));
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2019-04-04 09:48:04 +08:00
|
|
|
Cache::flush();
|
2017-10-30 12:40:34 +08:00
|
|
|
$this->flushSession();
|
|
|
|
|
|
|
|
// Logged in should be in success if logged in with player name
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/login', [
|
2019-03-13 13:16:51 +08:00
|
|
|
'identification' => $player->name,
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => '12345678',
|
2017-10-30 12:40:34 +08:00
|
|
|
]
|
2018-07-13 15:13:35 +08:00
|
|
|
)->assertJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
[
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 0,
|
|
|
|
'message' => trans('auth.login.success'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]
|
2018-07-20 14:42:43 +08:00
|
|
|
);
|
|
|
|
$this->assertAuthenticated();
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testLogout()
|
|
|
|
{
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson('/auth/logout')
|
|
|
|
->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 1,
|
|
|
|
'message' => trans('auth.logout.fail'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
2018-07-20 14:42:43 +08:00
|
|
|
|
|
|
|
$user = factory(User::class)->create();
|
|
|
|
$this->actingAs($user)->postJson('/auth/logout')->assertJson(
|
|
|
|
[
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 0,
|
|
|
|
'message' => trans('auth.logout.success'),
|
2018-07-20 14:42:43 +08:00
|
|
|
]
|
|
|
|
);
|
|
|
|
$this->assertGuest();
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testRegister()
|
|
|
|
{
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->get('/auth/register')->assertSee('Register');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
option(['user_can_register' => false]);
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->get('/auth/register')->assertSee(trans('auth.register.close'));
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testHandleRegister()
|
|
|
|
{
|
|
|
|
$this->expectsEvents(Events\UserRegistered::class);
|
|
|
|
|
|
|
|
// Should return a warning if `email` is empty
|
2019-04-05 08:58:00 +08:00
|
|
|
$this->postJson('/auth/register')->assertJsonValidationErrors('email');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `email` is invalid
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
2019-03-14 00:30:53 +08:00
|
|
|
['email' => 'not_an_email']
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('email');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2018-07-20 14:42:43 +08:00
|
|
|
// An existed user
|
|
|
|
$existedUser = factory(User::class)->create();
|
|
|
|
$this->postJson(
|
|
|
|
'/auth/register',
|
2019-03-14 00:30:53 +08:00
|
|
|
['email' => $existedUser->email]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('email');
|
2018-07-20 14:42:43 +08:00
|
|
|
|
2017-10-30 12:40:34 +08:00
|
|
|
// Should return a warning if `password` is empty
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
2019-03-14 00:30:53 +08:00
|
|
|
['email' => 'a@b.c']
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if length of `password` is lower than 8
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => '1',
|
2019-03-14 00:30:53 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2018-02-24 16:05:07 +08:00
|
|
|
// Should return a warning if length of `password` is greater than 32
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => Str::random(33),
|
2018-08-17 17:03:38 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2018-08-17 17:03:38 +08:00
|
|
|
// The register_with_player_name option is set to true by default.
|
|
|
|
// Should return a warning if `player_name` is empty
|
|
|
|
$this->postJson(
|
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-08-17 17:03:38 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('player_name');
|
2018-08-17 17:03:38 +08:00
|
|
|
|
|
|
|
// Should return a warning if `player_name` is invalid
|
|
|
|
option(['player_name_rule' => 'official']);
|
|
|
|
$this->postJson(
|
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
|
|
|
'player_name' => '角色名',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-08-17 17:03:38 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('player_name');
|
2018-08-17 17:03:38 +08:00
|
|
|
|
|
|
|
// Should return a warning if `player_name` is too long
|
|
|
|
$this->postJson(
|
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
2019-02-27 23:44:50 +08:00
|
|
|
'player_name' => Str::random(option('player_name_length_max') + 10),
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-08-17 17:03:38 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('player_name');
|
2018-08-17 17:03:38 +08:00
|
|
|
|
|
|
|
// Existed player
|
|
|
|
$player = factory(Player::class)->create();
|
|
|
|
$this->postJson(
|
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
2019-03-13 13:16:51 +08:00
|
|
|
'player_name' => $player->name,
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-08-17 17:03:38 +08:00
|
|
|
]
|
|
|
|
)->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 2,
|
|
|
|
'message' => trans('user.player.add.repeated'),
|
2018-08-17 17:03:38 +08:00
|
|
|
]);
|
2019-03-22 21:40:12 +08:00
|
|
|
$this->assertNull(User::where('email', 'a@b.c')->first());
|
2018-08-17 17:03:38 +08:00
|
|
|
|
|
|
|
option(['register_with_player_name' => false]);
|
|
|
|
|
2017-10-30 12:40:34 +08:00
|
|
|
// Should return a warning if `nickname` is empty
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
2018-08-17 17:03:38 +08:00
|
|
|
'password' => '12345678',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2019-03-14 00:30:53 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('nickname');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `nickname` is invalid
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
2018-08-17 17:03:38 +08:00
|
|
|
'nickname' => '\\',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2019-03-14 00:30:53 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('nickname');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `nickname` is too long
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
2019-02-27 23:44:50 +08:00
|
|
|
'nickname' => Str::random(256),
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2019-03-14 00:30:53 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('nickname');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2018-07-20 14:42:43 +08:00
|
|
|
// Should return a warning if `captcha` is empty
|
|
|
|
$this->postJson(
|
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
2019-03-02 22:58:37 +08:00
|
|
|
'nickname' => 'nickname',
|
2019-03-14 00:30:53 +08:00
|
|
|
]
|
2019-04-05 08:58:00 +08:00
|
|
|
)->assertJsonValidationErrors('captcha');
|
2018-07-20 14:42:43 +08:00
|
|
|
|
2017-10-30 12:40:34 +08:00
|
|
|
// Should be forbidden if registering is closed
|
|
|
|
Option::set('user_can_register', false);
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
|
|
|
'nickname' => 'nickname',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2019-03-14 00:30:53 +08:00
|
|
|
]
|
2018-07-13 15:13:35 +08:00
|
|
|
)->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 7,
|
|
|
|
'message' => trans('auth.register.close'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
|
|
|
|
|
|
|
// Reopen for test
|
|
|
|
Option::set('user_can_register', true);
|
|
|
|
|
|
|
|
// Should be forbidden if registering's count current IP is over
|
|
|
|
Option::set('regs_per_ip', -1);
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
|
|
|
'nickname' => 'nickname',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2017-10-30 12:40:34 +08:00
|
|
|
]
|
2018-07-13 15:13:35 +08:00
|
|
|
)->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 7,
|
|
|
|
'message' => trans('auth.register.max', ['regs' => option('regs_per_ip')]),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
|
|
|
|
2017-11-05 19:48:11 +08:00
|
|
|
Option::set('regs_per_ip', 100);
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Database should be updated if succeeded
|
2018-07-13 15:13:35 +08:00
|
|
|
$response = $this->postJson(
|
2017-10-30 12:40:34 +08:00
|
|
|
'/auth/register',
|
|
|
|
[
|
|
|
|
'email' => 'a@b.c',
|
|
|
|
'password' => '12345678',
|
|
|
|
'nickname' => 'nickname',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2017-10-30 12:40:34 +08:00
|
|
|
]
|
|
|
|
);
|
|
|
|
$newUser = User::where('email', 'a@b.c')->first();
|
2018-07-13 15:13:35 +08:00
|
|
|
$response->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 0,
|
|
|
|
'message' => trans('auth.register.success'),
|
2018-07-20 14:42:43 +08:00
|
|
|
]);
|
2017-10-30 12:40:34 +08:00
|
|
|
$this->assertTrue($newUser->verifyPassword('12345678'));
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->assertDatabaseHas('users', [
|
2017-10-30 12:40:34 +08:00
|
|
|
'email' => 'a@b.c',
|
|
|
|
'nickname' => 'nickname',
|
|
|
|
'score' => option('user_initial_score'),
|
|
|
|
'ip' => '127.0.0.1',
|
2019-03-02 22:58:37 +08:00
|
|
|
'permission' => User::NORMAL,
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
2018-07-20 14:42:43 +08:00
|
|
|
$this->assertAuthenticated();
|
2018-08-17 17:03:38 +08:00
|
|
|
|
|
|
|
// Require player name
|
2018-08-19 18:28:38 +08:00
|
|
|
option(['register_with_player_name' => true]);
|
2018-08-17 17:03:38 +08:00
|
|
|
$this->postJson(
|
|
|
|
'/auth/register',
|
|
|
|
[
|
2018-08-19 18:28:38 +08:00
|
|
|
'email' => 'abc@test.org',
|
2018-08-17 17:03:38 +08:00
|
|
|
'password' => '12345678',
|
|
|
|
'player_name' => 'name',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-08-17 17:03:38 +08:00
|
|
|
]
|
2019-04-23 11:47:45 +08:00
|
|
|
)->assertJson(['code' => 0]);
|
2019-03-13 13:16:51 +08:00
|
|
|
$this->assertNotNull(Player::where('player', 'name'));
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testForgot()
|
|
|
|
{
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->get('/auth/forgot')->assertSee('Forgot Password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2018-07-15 18:18:56 +08:00
|
|
|
config(['mail.driver' => '']);
|
2018-08-17 12:32:44 +08:00
|
|
|
$this->get('/auth/forgot')->assertSee(trans('auth.forgot.disabled'));
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testHandleForgot()
|
|
|
|
{
|
2018-07-13 19:23:20 +08:00
|
|
|
Mail::fake();
|
|
|
|
|
2017-10-30 12:40:34 +08:00
|
|
|
// Should be forbidden if "forgot password" is closed
|
2018-07-15 18:18:56 +08:00
|
|
|
config(['mail.driver' => '']);
|
2018-08-12 16:00:21 +08:00
|
|
|
$this->postJson('/auth/forgot', [
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 1,
|
|
|
|
'message' => trans('auth.forgot.disabled'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
2018-07-15 18:18:56 +08:00
|
|
|
config(['mail.driver' => 'smtp']);
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2018-08-17 22:54:26 +08:00
|
|
|
$lastMailCacheKey = sha1('last_mail_'.get_client_ip());
|
2018-08-17 16:07:24 +08:00
|
|
|
|
2017-10-30 12:40:34 +08:00
|
|
|
// Should be forbidden if sending email frequently
|
2019-04-04 09:48:04 +08:00
|
|
|
Cache::put($lastMailCacheKey, time());
|
|
|
|
$this->postJson('/auth/forgot', [
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 2,
|
|
|
|
'message' => trans('auth.forgot.frequent-mail'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
2019-04-04 09:48:04 +08:00
|
|
|
Cache::flush();
|
2018-08-17 16:07:24 +08:00
|
|
|
$this->flushSession();
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if user is not existed
|
|
|
|
$user = factory(User::class)->create();
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->withSession(['phrase' => 'a'])->postJson('/auth/forgot', [
|
2017-10-30 12:40:34 +08:00
|
|
|
'email' => 'nope@nope.net',
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 1,
|
|
|
|
'message' => trans('auth.forgot.unregistered'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
|
|
|
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson('/auth/forgot', [
|
2017-10-30 12:40:34 +08:00
|
|
|
'email' => $user->email,
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 0,
|
|
|
|
'message' => trans('auth.forgot.success'),
|
2018-08-17 16:07:24 +08:00
|
|
|
]);
|
2019-04-04 09:48:04 +08:00
|
|
|
$this->assertTrue(Cache::has($lastMailCacheKey));
|
|
|
|
Cache::flush();
|
2018-07-18 11:04:34 +08:00
|
|
|
Mail::assertSent(ForgotPassword::class, function ($mail) use ($user) {
|
|
|
|
return $mail->hasTo($user->email);
|
2018-07-15 17:42:03 +08:00
|
|
|
});
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should handle exception when sending email
|
2018-07-15 17:42:03 +08:00
|
|
|
Mail::shouldReceive('to')
|
2017-10-30 12:40:34 +08:00
|
|
|
->once()
|
|
|
|
->andThrow(new \Mockery\Exception('A fake exception.'));
|
|
|
|
$this->flushSession();
|
|
|
|
$this->withSession(['phrase' => 'a'])
|
2018-07-13 15:13:35 +08:00
|
|
|
->postJson('/auth/forgot', [
|
2017-10-30 12:40:34 +08:00
|
|
|
'email' => $user->email,
|
2019-03-02 22:58:37 +08:00
|
|
|
'captcha' => 'a',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 2,
|
|
|
|
'message' => trans('auth.forgot.failed', ['msg' => 'A fake exception.']),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
2018-07-23 09:33:55 +08:00
|
|
|
|
|
|
|
// Addition: Mailable test
|
|
|
|
$site_name = option_localized('site_name');
|
|
|
|
$mailable = new ForgotPassword('url');
|
|
|
|
$mailable->build();
|
|
|
|
$this->assertTrue($mailable->hasFrom(config('mail.username'), $site_name));
|
2018-08-16 18:10:09 +08:00
|
|
|
$this->assertEquals(trans('auth.forgot.mail.title', ['sitename' => $site_name]), $mailable->subject);
|
|
|
|
$this->assertEquals('mails.password-reset', $mailable->view);
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testReset()
|
|
|
|
{
|
|
|
|
$user = factory(User::class)->create();
|
|
|
|
|
2018-07-18 11:04:34 +08:00
|
|
|
$this->get(
|
|
|
|
URL::temporarySignedRoute('auth.reset', now()->addHour(), ['uid' => $user->uid])
|
|
|
|
)->assertSuccessful();
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testHandleReset()
|
|
|
|
{
|
|
|
|
$user = factory(User::class)->create();
|
2018-07-18 11:04:34 +08:00
|
|
|
$url = URL::temporarySignedRoute('auth.reset', now()->addHour(), ['uid' => $user->uid]);
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `password` is empty
|
2019-04-05 08:58:00 +08:00
|
|
|
$this->postJson($url)->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `password` is too short
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2018-07-18 11:04:34 +08:00
|
|
|
$url, [
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => '123',
|
2019-04-05 08:58:00 +08:00
|
|
|
])->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
|
|
|
// Should return a warning if `password` is too long
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2018-07-18 11:04:34 +08:00
|
|
|
$url, [
|
2019-03-02 22:58:37 +08:00
|
|
|
'password' => Str::random(33),
|
2019-04-05 08:58:00 +08:00
|
|
|
])->assertJsonValidationErrors('password');
|
2017-10-30 12:40:34 +08:00
|
|
|
|
2017-11-05 10:25:20 +08:00
|
|
|
// Success
|
2018-07-13 15:13:35 +08:00
|
|
|
$this->postJson(
|
2018-07-18 11:04:34 +08:00
|
|
|
$url, [
|
2017-11-05 10:25:20 +08:00
|
|
|
'password' => '12345678',
|
2018-07-13 15:13:35 +08:00
|
|
|
])->assertJson([
|
2019-04-23 11:47:45 +08:00
|
|
|
'code' => 0,
|
|
|
|
'message' => trans('auth.reset.success'),
|
2017-10-30 12:40:34 +08:00
|
|
|
]);
|
|
|
|
// We must re-query the user model,
|
|
|
|
// because the old instance hasn't been changed
|
|
|
|
// after resetting password.
|
|
|
|
$user = User::find($user->uid);
|
|
|
|
$this->assertTrue($user->verifyPassword('12345678'));
|
|
|
|
}
|
|
|
|
|
2018-08-17 12:32:44 +08:00
|
|
|
public function testVerify()
|
|
|
|
{
|
|
|
|
$url = URL::signedRoute('auth.verify', ['uid' => 1]);
|
|
|
|
|
|
|
|
// Should be forbidden if account verification is disabled
|
|
|
|
option(['require_verification' => false]);
|
|
|
|
$this->get($url)->assertSee(trans('user.verification.disabled'));
|
|
|
|
option(['require_verification' => true]);
|
|
|
|
|
|
|
|
$this->get($url)->assertSee(trans('auth.verify.invalid'));
|
|
|
|
|
|
|
|
$user = factory(User::class)->create();
|
|
|
|
$url = URL::signedRoute('auth.verify', ['uid' => $user->uid]);
|
|
|
|
$this->get($url)->assertSee(trans('auth.verify.invalid'));
|
|
|
|
|
|
|
|
$user = factory(User::class)->create(['verified' => false]);
|
|
|
|
$url = URL::signedRoute('auth.verify', ['uid' => $user->uid]);
|
|
|
|
$this->get($url)->assertViewIs('auth.verify');
|
|
|
|
$this->assertEquals(1, User::find($user->uid)->verified);
|
|
|
|
}
|
2019-04-23 10:05:58 +08:00
|
|
|
|
|
|
|
public function testApiLogin()
|
|
|
|
{
|
|
|
|
$user = factory(User::class)->create();
|
|
|
|
$user->changePassword('12345678');
|
|
|
|
|
|
|
|
$this->postJson('/api/auth/login')->assertJson(['token' => false]);
|
|
|
|
$token = $this->postJson('/api/auth/login', [
|
|
|
|
'email' => $user->email,
|
|
|
|
'password' => '12345678'
|
|
|
|
])->decodeResponseJson('token');
|
|
|
|
$this->assertTrue(is_string($token));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testApiLogout()
|
|
|
|
{
|
|
|
|
$user = factory(User::class)->create();
|
|
|
|
$user->changePassword('12345678');
|
|
|
|
$token = $this->postJson('/api/auth/login', [
|
|
|
|
'email' => $user->email,
|
|
|
|
'password' => '12345678'
|
|
|
|
])->decodeResponseJson('token');
|
|
|
|
|
|
|
|
$this->post('/api/auth/logout', [], [
|
|
|
|
'Authorization' => "Bearer $token"
|
|
|
|
])->assertStatus(204);
|
|
|
|
}
|
2019-04-23 12:45:06 +08:00
|
|
|
|
|
|
|
public function testApiRefresh()
|
|
|
|
{
|
|
|
|
$user = factory(User::class)->create();
|
|
|
|
$user->changePassword('12345678');
|
|
|
|
$token = $this->postJson('/api/auth/login', [
|
|
|
|
'email' => $user->email,
|
|
|
|
'password' => '12345678'
|
|
|
|
])->decodeResponseJson('token');
|
|
|
|
|
|
|
|
$token = $this->postJson('/api/auth/refresh', [], [
|
|
|
|
'Authorization' => "Bearer $token"
|
|
|
|
])->decodeResponseJson('token');
|
|
|
|
$this->assertTrue(is_string($token));
|
|
|
|
}
|
2017-10-30 12:40:34 +08:00
|
|
|
}
|