127 lines
3.4 KiB
PHP
127 lines
3.4 KiB
PHP
<?php
|
|
|
|
namespace Tests\Feature\Auth;
|
|
|
|
use App\Models\User;
|
|
use Cache;
|
|
use Tests\Facades\UserFactory;
|
|
use Tests\TestCase;
|
|
|
|
class LoginTest extends TestCase
|
|
{
|
|
private const URI = 'auth/login';
|
|
private const TEST_URI = 'auth/me';
|
|
|
|
private User $user;
|
|
|
|
private array $loginData;
|
|
|
|
private const CAPTCHA_CACHE_KEY = 'AUTH_RECAPTCHA_LIMITER_{ip}_{email}_ATTEMPTS';
|
|
private const BAN_CACHE_KEY = 'AUTH_RATE_LIMITER_{ip}';
|
|
|
|
protected function setUp(): void
|
|
{
|
|
parent::setUp();
|
|
|
|
$this->user = UserFactory::create();
|
|
|
|
$this->loginData = [
|
|
'email' => $this->user->email,
|
|
'password' => $this->user->full_name
|
|
];
|
|
}
|
|
|
|
public function test_success(): void
|
|
{
|
|
$response = $this->postJson(self::URI, $this->loginData);
|
|
$response->assertOk();
|
|
|
|
$this->actingAs($response->decodeResponseJson()['access_token'])->get(self::TEST_URI)->assertOk();
|
|
}
|
|
|
|
public function test_wrong_credentials(): void
|
|
{
|
|
$this->loginData['password'] = 'wrong_password';
|
|
$response = $this->postJson(self::URI, $this->loginData);
|
|
|
|
$response->assertUnauthorized();
|
|
}
|
|
|
|
public function test_disabled_user(): void
|
|
{
|
|
$this->user->active = false;
|
|
$this->user->save();
|
|
$response = $this->postJson(self::URI, $this->loginData);
|
|
|
|
$response->assertForbidden('authorization.user_disabled', false);
|
|
}
|
|
|
|
public function test_soft_deleted_user(): void
|
|
{
|
|
$this->user->delete();
|
|
$response = $this->postJson(self::URI, $this->loginData);
|
|
|
|
$response->assertUnauthorized();
|
|
}
|
|
|
|
public function test_without_params(): void
|
|
{
|
|
$response = $this->postJson(self::URI);
|
|
|
|
$response->assertError(self::HTTP_BAD_REQUEST);
|
|
}
|
|
|
|
public function test_recaptcha(): void
|
|
{
|
|
config(['recaptcha.enabled' => true]);
|
|
config(['recaptcha.failed_attempts' => 1]);
|
|
|
|
$cacheKey = str_replace(
|
|
['{email}', '{ip}'],
|
|
[$this->loginData['email'], '127.0.0.1'],
|
|
self::CAPTCHA_CACHE_KEY
|
|
);
|
|
|
|
$this->assertFalse(Cache::has($cacheKey));
|
|
|
|
$this->loginData['password'] = 'wrong_password';
|
|
$this->postJson(self::URI, $this->loginData);
|
|
|
|
$this->assertTrue(Cache::has($cacheKey));
|
|
|
|
$this->assertEquals(1, Cache::get($cacheKey));
|
|
|
|
$response = $this->postJson(self::URI, $this->loginData);
|
|
|
|
$response->assertError(self::HTTP_TOO_MANY_REQUESTS, 'authorization.captcha');
|
|
}
|
|
|
|
public function test_ban(): void
|
|
{
|
|
config(['recaptcha.enabled' => true]);
|
|
config(['recaptcha.rate_limiter_enabled' => true]);
|
|
config(['recaptcha.failed_attempts' => 0]);
|
|
config(['recaptcha.ban_attempts' => 1]);
|
|
|
|
$cacheKey = str_replace('{ip}', '127.0.0.1', self::BAN_CACHE_KEY);
|
|
|
|
$this->assertFalse(Cache::has($cacheKey));
|
|
|
|
$this->loginData['password'] = 'wrong_password';
|
|
$this->postJson(self::URI, $this->loginData);
|
|
|
|
$this->assertTrue(Cache::has($cacheKey));
|
|
|
|
$cacheResponse = Cache::get($cacheKey);
|
|
|
|
$this->assertArrayHasKey('amounts', $cacheResponse);
|
|
$this->assertArrayHasKey('time', $cacheResponse);
|
|
|
|
$this->assertEquals(1, $cacheResponse['amounts']);
|
|
|
|
$response = $this->postJson(self::URI, $this->loginData);
|
|
|
|
$response->assertError(self::HTTP_LOCKED, 'authorization.banned');
|
|
}
|
|
}
|