wip

conedevelopment · Jul 1, 2024 · 1a168f8 · 1a168f8
1 parent 0e88b9c
commit 1a168f8
Show file tree

Hide file tree

Showing 7 changed files with 169 additions and 1 deletion.
diff --git a/database/factories/AuthCodeFactory.php b/database/factories/AuthCodeFactory.php
@@ -25,4 +25,14 @@ public function definition(): array
             'expires_at' => Date::now()->addMinutes(5),
         ];
     }
+
+    /**
+     * Indicate that the model should be expired.
+     */
+    public function expired(): static
+    {
+        return $this->state(fn (array $attributes) => [
+            'expires_at' => Date::now()->subMinute(),
+        ]);
+    }
 }
diff --git a/tests/Http/AuthLoginControllerTest.php b/tests/Http/AuthLoginControllerTest.php
@@ -2,10 +2,12 @@
 
 namespace Cone\Root\Tests\Http;
 
+use Cone\Root\Notifications\AuthCodeNotification;
 use Cone\Root\Tests\TestCase;
 use Cone\Root\Tests\User;
 use Illuminate\Auth\Events\Login;
 use Illuminate\Support\Facades\Event;
+use Illuminate\Support\Facades\Notification;
 
 class AuthLoginControllerTest extends TestCase
 {
@@ -63,6 +65,23 @@ public function test_login_controller_login(): void
         $this->assertAuthenticatedAs($user);
     }
 
+    public function test_login_controller_two_factor_login(): void
+    {
+        Notification::fake([
+            AuthCodeNotification::class,
+        ]);
+
+        $user = User::factory()->create(['email' => '[email protected]']);
+
+        $this->post('/root/login', [
+            'email' => $user->email,
+            'password' => 'password',
+        ])->assertRedirect()
+            ->assertSessionHas('status', __('The two factor authentication link has been sent!'));
+
+        Notification::assertSentTo($user, AuthCodeNotification::class);
+    }
+
     public function test_login_controller_logout(): void
     {
         $this->app['auth']->login($this->user);

diff --git a/tests/Http/AuthResetPasswordControllerTest.php b/tests/Http/AuthResetPasswordControllerTest.php
@@ -18,7 +18,7 @@ protected function setUp(): void
     {
         parent::setUp();
 
-        $this->user = User::factory()->create();
+        $this->user = User::factory()->unverified()->create();
 
         $this->token = Password::broker()->createToken($this->user);
     }

diff --git a/tests/Http/AuthTwoFactorControllerTest.php b/tests/Http/AuthTwoFactorControllerTest.php
@@ -0,0 +1,66 @@
+<?php
+
+namespace Cone\Root\Tests\Http;
+
+use Cone\Root\Models\AuthCode;
+use Cone\Root\Notifications\AuthCodeNotification;
+use Cone\Root\Tests\TestCase;
+use Cone\Root\Tests\User;
+use Illuminate\Support\Facades\Notification;
+
+class AuthTwoFactorControllerTest extends TestCase
+{
+    protected User $user;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->user = User::factory()->create(['email' => '[email protected]']);
+    }
+
+    public function test_two_factor_controller_show(): void
+    {
+        $this->actingAs($this->user)
+            ->get('/root/two-factor')
+            ->assertOk()
+            ->assertViewIs('root::auth.two-factor');
+    }
+
+    public function test_two_factor_controller_resend(): void
+    {
+        Notification::fake();
+
+        $this->actingAs($this->user)
+            ->post('/root/two-factor/resend')
+            ->assertRedirect('/root/two-factor')
+            ->assertSessionHas('status', __('The authentication code has been sent!'));
+
+        Notification::assertSentTo($this->user, AuthCodeNotification::class);
+    }
+
+    public function test_two_factor_controller_verify(): void
+    {
+        $code = AuthCode::factory()->for($this->user)->create();
+
+        $this->actingAs($this->user)
+            ->post('/root/two-factor', [
+                'code' => 000000,
+            ])
+            ->assertRedirect('/root/two-factor')
+            ->assertSessionHasErrors([
+                'code' => __('The authentication code is not valid!'),
+            ]);
+
+        $this->actingAs($this->user)
+            ->post('/root/two-factor', [
+                'code' => $code->code,
+                'trust' => true,
+            ])
+            ->assertRedirect('/root')
+            ->assertCookie('device_token')
+            ->assertSessionHas('root.auth.two-factor', true);
+
+        $this->assertDatabaseMissing('root_auth_codes', ['id' => $code->getKey()]);
+    }
+}
diff --git a/tests/Models/AuthCodeTest.php b/tests/Models/AuthCodeTest.php
@@ -0,0 +1,55 @@
+<?php
+
+namespace Cone\Root\Tests\Models;
+
+use Cone\Root\Models\AuthCode;
+use Cone\Root\Tests\TestCase;
+use Cone\Root\Tests\User;
+
+class AuthCodeTest extends TestCase
+{
+    protected User $user;
+
+    protected AuthCode $code;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        $this->user = User::factory()->create();
+
+        $this->code = AuthCode::factory()->for($this->user)->create();
+    }
+
+    public function test_an_auth_code_belongs_to_a_user(): void
+    {
+        $this->assertTrue($this->code->user->is($this->user));
+    }
+
+    public function test_an_auth_code_can_be_expired(): void
+    {
+        $this->assertTrue($this->code->active());
+        $this->assertFalse($this->code->expired());
+
+        $expired = AuthCode::factory()->for($this->user)->expired()->create();
+
+        $this->assertFalse($expired->active());
+        $this->assertTrue($expired->expired());
+    }
+
+    public function test_an_auth_code_has_active_query_scope(): void
+    {
+        $this->assertSame(
+            'select * from "root_auth_codes" where "root_auth_codes"."expires_at" > ?',
+            AuthCode::query()->active()->toSql()
+        );
+    }
+
+    public function test_an_auth_code_has_expired_query_scope(): void
+    {
+        $this->assertSame(
+            'select * from "root_auth_codes" where "root_auth_codes"."expires_at" <= ?',
+            AuthCode::query()->expired()->toSql()
+        );
+    }
+}
diff --git a/tests/Models/UserTest.php b/tests/Models/UserTest.php
@@ -2,6 +2,7 @@
 
 namespace Cone\Root\Tests\Models;
 
+use Cone\Root\Models\AuthCode;
 use Cone\Root\Models\Medium;
 use Cone\Root\Models\Notification;
 use Cone\Root\Tests\TestCase;
@@ -42,4 +43,15 @@ public function test_a_user_has_avatar(): void
 
         $this->assertNotNull($this->user->avatar);
     }
+
+    public function test_a_user_has_auth_codes(): void
+    {
+        $code = $this->user->authCodes()->save(
+            AuthCode::factory()->make()
+        );
+
+        $this->assertTrue($this->user->authCodes->contains($code));
+
+        $this->assertTrue($this->user->authCode->is($code));
+    }
 }
diff --git a/tests/User.php b/tests/User.php
@@ -11,6 +11,7 @@
 use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Database\Eloquent\Relations\MorphToMany;
 use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Http\Request;
 
 class User extends Model implements MustVerifyEmail
 {
@@ -68,4 +69,9 @@ public function employer(): MorphTo
     {
         return $this->morphTo();
     }
+
+    public function shouldTwoFactorAuthenticate(Request $request): bool
+    {
+        return $this->email === '[email protected]';
+    }
 }