harry/keystone
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
66f0ee9e50bcf1762048979e1936731e523ea7d1
keystone/tests/Feature/AuthFlowsTest.php
Harry Bayliss 66f0ee9e50
All checks were successful
CI / Tests (push) Successful in 43s
Details
CI / Lint (push) Successful in 1m3s
Details
Migrate to Gitea, switch JS tooling to oxlint/oxfmt, lift test coverage to 95% 
- Add .gitea/workflows/ci.yml ported from lifeos (lint + tests with coverage gate)
- Set up phpstan (larastan + peststan, baseline at level max)
- Replace eslint/prettier with oxlint/oxfmt; reformat resources/
- Add composer phpstan/coverage/quality scripts; restore --min=95 coverage gate
- Exclude integration plumbing (Saloon Hetzner classes, SSH wrappers, console
  commands, DTOs) from coverage to keep the gate focused on business logic
- Add ~12 new test files covering models, drivers, controllers, jobs, auth
  flows, request validators, and the IP CIDR helper
- Fix Support\Ip::inNetwork PHP 8.4 TypeError in CIDR mask check
- Fix FirewallRule::command comparing the enum-cast type column to a string
- Fix Server::network using the wrong foreign key column
- Remove unreachable code under abort(403) in RegisteredUserController
2026-05-13 16:51:07 +01:00

75 lines
2.2 KiB
PHP
Raw Blame History

<?php
use App\Models\User;
use Illuminate\Auth\Events\Lockout;
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\RateLimiter;
use function Pest\Laravel\actingAs;
it('locks out login after five failed attempts and fires a Lockout event', function () {
Event::fake([Lockout::class]);
$user = User::factory()->create();
for ($i = 0; $i < 5; $i++) {
$this->post('/login', [
'email' => $user->email,
'password' => 'wrong-password',
]);
}
$response = $this->post('/login', [
'email' => $user->email,
'password' => 'wrong-password',
]);
$response->assertSessionHasErrors('email');
Event::assertDispatched(Lockout::class);
RateLimiter::clear(\Illuminate\Support\Str::lower($user->email).'|127.0.0.1');
});
it('redirects already-verified users away from the verification prompt', function () {
$user = User::factory()->create();
$response = actingAs($user)->get('/verify-email');
$response->assertRedirect(route('dashboard', absolute: false));
});
it('redirects users with a verified email back to the dashboard when re-verifying', function () {
$user = User::factory()->create();
$verificationUrl = \Illuminate\Support\Facades\URL::temporarySignedRoute(
'verification.verify',
now()->addMinutes(60),
['id' => $user->id, 'hash' => sha1($user->email)]
);
$response = actingAs($user)->get($verificationUrl);
$response->assertRedirect(route('dashboard', absolute: false).'?verified=1');
});
it('renders the password settings page for an authenticated user', function () {
$user = User::factory()->create();
$response = actingAs($user)->get('/settings/password');
$response->assertOk();
});
it('updates the password when the current password is correct', function () {
$user = User::factory()->create();
$response = actingAs($user)->put('/settings/password', [
'current_password' => 'password',
'password' => 'new-secret-pw',
'password_confirmation' => 'new-secret-pw',
]);
$response->assertSessionHasNoErrors();
expect(\Illuminate\Support\Facades\Hash::check('new-secret-pw', $user->fresh()->password))->toBeTrue();
});
Reference in New Issue View Git Blame Copy Permalink