mirror of https://github.com/flarum/core.git synced 2025-08-06 08:27:42 +02:00

fix(testing): use cookie for testing authentication (#3924)

Sami Mazouz
2023-11-10 22:35:24 +01:00
committed by GitHub
parent 3107319812
commit 693bce912a
4 changed files with 65 additions and 30 deletions


@@ -0,0 +1,52 @@
<?php
/*
* This file is part of Flarum.
*
* For detailed copyright and license information, please view the
* LICENSE file that was distributed with this source code.
*/
namespace Flarum\Tests\integration\admin;
use Flarum\Testing\integration\RetrievesAuthorizedUsers;
use Flarum\Testing\integration\TestCase;
class IndexTest extends TestCase
{
use RetrievesAuthorizedUsers;
/**
* @inheritDoc
*/
protected function setUp(): void
{
$this->prepareDatabase([
'users' => [
$this->normalUser()
]
]);
}
public function admin_can_access_admin_route(): void
{
$response = $this->send(
$this->request('GET', '/admin', [
'authenticatedAs' => 1,
])
);
$this->assertEquals(200, $response->getStatusCode());
}
public function user_cannot_access_admin_route(): void
{
$response = $this->send(
$this->request('GET', '/admin', [
'authenticatedAs' => 2,
])
);
$this->assertEquals(403, $response->getStatusCode());
}
}
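Review bot: Neither `admin_can_access_admin_route()` nor `user_cannot_access_admin_route()` carries a `@test` annotation or a `test` name prefix in the lines shown, so PHPUnit would not collect them and the 403 check on `/admin` for a non-admin user would never run. The other test class on this page marks its test with a docblock `@test` (see `can_globally_log_out`), so adding `/** @test */` above both methods would match that convention. Because these are the access-control assertions this commit adds for the admin route, it is worth confirming in the test run output that both cases are actually executed and counted.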


@@ -59,19 +59,12 @@ class GlobalLogoutTest extends TestCase
* @dataProvider canGloballyLogoutDataProvider * @dataProvider canGloballyLogoutDataProvider
* @test * @test
*/ */
public function can_globally_log_out(int $authenticatedAs, string $identification, string $password) public function can_globally_log_out(int $authenticatedAs)
{ {
$loginResponse = $this->send(
$this->request('POST', '/login', [
'json' => compact('identification', 'password')
])
);
$response = $this->send( $response = $this->send(
$this->requestWithCookiesFrom( $this->request('POST', '/global-logout', [
$this->request('POST', '/global-logout'), 'authenticatedAs' => $authenticatedAs,
$loginResponse, ]),
)
); );
$this->assertEquals(204, $response->getStatusCode()); $this->assertEquals(204, $response->getStatusCode());
@@ -85,10 +78,10 @@ class GlobalLogoutTest extends TestCase
{ {
return [ return [
// Admin // Admin
[1, 'admin', 'password'], [1],
// Normal user // Normal user
[2, 'normal', 'too-obscure'], [2],
]; ];
} }
} }


@@ -9,7 +9,6 @@
namespace Flarum\Tests\integration\forum; namespace Flarum\Tests\integration\forum;
use Flarum\Extend;
use Flarum\Testing\integration\RetrievesAuthorizedUsers; use Flarum\Testing\integration\RetrievesAuthorizedUsers;
use Flarum\Testing\integration\TestCase; use Flarum\Testing\integration\TestCase;
@@ -22,10 +21,6 @@ class IndexTest extends TestCase
*/ */
protected function setUp(): void protected function setUp(): void
{ {
$this->extend(
(new Extend\Csrf)->exemptRoute('login')
);
$this->prepareDatabase([ $this->prepareDatabase([
'users' => [ 'users' => [
$this->normalUser() $this->normalUser()
@@ -51,18 +46,9 @@ class IndexTest extends TestCase
*/ */
public function user_serialized_by_current_user_serializer() public function user_serialized_by_current_user_serializer()
{ {
$login = $this->send(
$this->request('POST', '/login', [
'json' => [
'identification' => 'normal',
'password' => 'too-obscure'
]
])
);
$response = $this->send( $response = $this->send(
$this->request('GET', '/', [ $this->request('GET', '/', [
'cookiesFrom' => $login 'authenticatedAs' => 2,
]) ])
); );


@@ -11,6 +11,7 @@ namespace Flarum\Testing\integration;
use Carbon\Carbon; use Carbon\Carbon;
use Dflydev\FigCookies\SetCookie; use Dflydev\FigCookies\SetCookie;
use Flarum\Http\CookieFactory;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Laminas\Diactoros\CallbackStream; use Laminas\Diactoros\CallbackStream;
use Psr\Http\Message\ResponseInterface as Response; use Psr\Http\Message\ResponseInterface as Response;
@@ -46,11 +47,14 @@ trait BuildsHttpRequests
'user_id' => $userId, 'user_id' => $userId,
'created_at' => Carbon::now()->toDateTimeString(), 'created_at' => Carbon::now()->toDateTimeString(),
'last_activity_at' => Carbon::now()->toDateTimeString(), 'last_activity_at' => Carbon::now()->toDateTimeString(),
'type' => 'session' 'type' => 'session_remember'
]); ]);
$cookies = $this->app()->getContainer()->make(CookieFactory::class);
return $req return $req
->withAddedHeader('Authorization', "Token {$token}") ->withAttribute('bypassCsrfToken', true)
->withCookieParams([$cookies->getName('remember') => $token])
// We save the token as an attribute so that we can retrieve it for test purposes. // We save the token as an attribute so that we can retrieve it for test purposes.
->withAttribute('tests_token', $token); ->withAttribute('tests_token', $token);
} }
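Review bot: `->withAttribute('bypassCsrfToken', true)` is now applied to every `authenticatedAs` request, so a cookie-authenticated test built this way cannot fail on a missing or broken CSRF check for a state-changing route (the `POST /global-logout` test changed in this commit is one such caller). With a `remember` cookie instead of an `Authorization` header, this is the situation CSRF protection is meant for, so I would state the trade-off next to the call, e.g. `// CSRF is bypassed for authenticatedAs requests; CSRF enforcement must be covered by tests that do not use this helper.`, or make the bypass opt-out through a request option. Separately, `withCookieParams([...])` replaces the request's whole cookie array, so any cookie already present on `$req` is dropped; `->withCookieParams([$cookies->getName('remember') => $token] + $req->getCookieParams())` would keep them. The enclosing method starts above the hunk, so how the token row is created and what else is done to `$req` is not visible here.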