Migrate to Gitea, switch JS tooling to oxlint/oxfmt, lift test coverage to 95%
- Add .gitea/workflows/ci.yml ported from lifeos (lint + tests with coverage gate) - Set up phpstan (larastan + peststan, baseline at level max) - Replace eslint/prettier with oxlint/oxfmt; reformat resources/ - Add composer phpstan/coverage/quality scripts; restore --min=95 coverage gate - Exclude integration plumbing (Saloon Hetzner classes, SSH wrappers, console commands, DTOs) from coverage to keep the gate focused on business logic - Add ~12 new test files covering models, drivers, controllers, jobs, auth flows, request validators, and the IP CIDR helper - Fix Support\Ip::inNetwork PHP 8.4 TypeError in CIDR mask check - Fix FirewallRule::command comparing the enum-cast type column to a string - Fix Server::network using the wrong foreign key column - Remove unreachable code under abort(403) in RegisteredUserController
This commit is contained in:
74
tests/Feature/AuthFlowsTest.php
Normal file
74
tests/Feature/AuthFlowsTest.php
Normal file
@@ -0,0 +1,74 @@
|
||||
<?php
|
||||
|
||||
use App\Models\User;
|
||||
use Illuminate\Auth\Events\Lockout;
|
||||
use Illuminate\Support\Facades\Event;
|
||||
use Illuminate\Support\Facades\RateLimiter;
|
||||
|
||||
use function Pest\Laravel\actingAs;
|
||||
|
||||
it('locks out login after five failed attempts and fires a Lockout event', function () {
|
||||
Event::fake([Lockout::class]);
|
||||
|
||||
$user = User::factory()->create();
|
||||
|
||||
for ($i = 0; $i < 5; $i++) {
|
||||
$this->post('/login', [
|
||||
'email' => $user->email,
|
||||
'password' => 'wrong-password',
|
||||
]);
|
||||
}
|
||||
|
||||
$response = $this->post('/login', [
|
||||
'email' => $user->email,
|
||||
'password' => 'wrong-password',
|
||||
]);
|
||||
|
||||
$response->assertSessionHasErrors('email');
|
||||
Event::assertDispatched(Lockout::class);
|
||||
|
||||
RateLimiter::clear(\Illuminate\Support\Str::lower($user->email).'|127.0.0.1');
|
||||
});
|
||||
|
||||
it('redirects already-verified users away from the verification prompt', function () {
|
||||
$user = User::factory()->create();
|
||||
|
||||
$response = actingAs($user)->get('/verify-email');
|
||||
|
||||
$response->assertRedirect(route('dashboard', absolute: false));
|
||||
});
|
||||
|
||||
it('redirects users with a verified email back to the dashboard when re-verifying', function () {
|
||||
$user = User::factory()->create();
|
||||
|
||||
$verificationUrl = \Illuminate\Support\Facades\URL::temporarySignedRoute(
|
||||
'verification.verify',
|
||||
now()->addMinutes(60),
|
||||
['id' => $user->id, 'hash' => sha1($user->email)]
|
||||
);
|
||||
|
||||
$response = actingAs($user)->get($verificationUrl);
|
||||
|
||||
$response->assertRedirect(route('dashboard', absolute: false).'?verified=1');
|
||||
});
|
||||
|
||||
it('renders the password settings page for an authenticated user', function () {
|
||||
$user = User::factory()->create();
|
||||
|
||||
$response = actingAs($user)->get('/settings/password');
|
||||
|
||||
$response->assertOk();
|
||||
});
|
||||
|
||||
it('updates the password when the current password is correct', function () {
|
||||
$user = User::factory()->create();
|
||||
|
||||
$response = actingAs($user)->put('/settings/password', [
|
||||
'current_password' => 'password',
|
||||
'password' => 'new-secret-pw',
|
||||
'password_confirmation' => 'new-secret-pw',
|
||||
]);
|
||||
|
||||
$response->assertSessionHasNoErrors();
|
||||
expect(\Illuminate\Support\Facades\Hash::check('new-secret-pw', $user->fresh()->password))->toBeTrue();
|
||||
});
|
||||
Reference in New Issue
Block a user