github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2025-01-27 11:56:14 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
d1cd4b174b
framework/tests/api/AuthCest.php

64 lines
1.7 KiB
PHP
Raw Normal View History

Implement token-based auth API
2015-01-22 12:14:33 +08:00
<?php
use \ApiTester;
use Laracasts\TestDummy\Factory;
class AuthCest
{
protected $endpoint = '/api/auth';
public function loginWithEmail(ApiTester $I)
{
$I->wantTo('login via API with email');
$user = $I->haveAnAccount([
'email' => 'foo@bar.com',
'password' => 'pass7word'
]);
Improve auth API tests
2015-01-23 12:54:38 +08:00
$I->login('foo@bar.com', 'pass7word');
Implement token-based auth API
2015-01-22 12:14:33 +08:00
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
Upgrade to L5 + huge refactor + more. closes #2 New stuff: - Signup + email confirmation. - Updated authentication strategy with remember cookies. closes #5 - New search system with some example gambits! This is cool - check out the source. Fulltext drivers will be implemented as decorators overriding the EloquentPostRepository’s findByContent method. - Lay down the foundation for bootstrapping the Ember app. - Update Web layer’s asset manager to properly publish CSS/JS files. - Console commands to run installation migrations and seeds. Refactoring: - New structure: move models, repositories, commands, and events into their own namespaces, rather than grouping by entity. - All events are classes. - Use L5 middleware and command bus implementations. - Clearer use of repositories and the Active Record pattern. Repositories are used only for retrieval of ActiveRecord objects, and then save/delete operations are called directly on those ActiveRecords. This way, we don’t over-abstract at the cost of Eloquent magic, but testing is still easy. - Refactor of Web layer so that it uses the Actions routing architecture. - “Actor” concept instead of depending on Laravel’s Auth. - General cleanup!
2015-02-24 18:03:18 +08:00
Improve auth API tests
2015-01-23 12:54:38 +08:00
$token = $I->grabDataFromJsonResponse('token');
$userId = $I->grabDataFromJsonResponse('userId');
$I->assertNotEmpty($token);
Upgrade to L5 + huge refactor + more. closes #2 New stuff: - Signup + email confirmation. - Updated authentication strategy with remember cookies. closes #5 - New search system with some example gambits! This is cool - check out the source. Fulltext drivers will be implemented as decorators overriding the EloquentPostRepository’s findByContent method. - Lay down the foundation for bootstrapping the Ember app. - Update Web layer’s asset manager to properly publish CSS/JS files. - Console commands to run installation migrations and seeds. Refactoring: - New structure: move models, repositories, commands, and events into their own namespaces, rather than grouping by entity. - All events are classes. - Use L5 middleware and command bus implementations. - Clearer use of repositories and the Active Record pattern. Repositories are used only for retrieval of ActiveRecord objects, and then save/delete operations are called directly on those ActiveRecords. This way, we don’t over-abstract at the cost of Eloquent magic, but testing is still easy. - Refactor of Web layer so that it uses the Actions routing architecture. - “Actor” concept instead of depending on Laravel’s Auth. - General cleanup!
2015-02-24 18:03:18 +08:00
Use our own token instead of Laravel's Laravel’s remember_token is tied to the session/cookies, which we don’t need as the API is stateless. It makes much more sense to use our own token mechanism.
2015-01-30 09:38:02 +08:00
$loggedIn = User::where('token', $token)->where('id', $userId)->first();
Implement token-based auth API
2015-01-22 12:14:33 +08:00
$I->assertEquals($user->id, $loggedIn->id);
}
public function loginWithUsername(ApiTester $I)
{
$I->wantTo('login via API with username');
$user = $I->haveAnAccount([
'username' => 'tobscure',
'password' => 'pass7word'
]);
Improve auth API tests
2015-01-23 12:54:38 +08:00
$I->login('tobscure', 'pass7word');
Implement token-based auth API
2015-01-22 12:14:33 +08:00
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
Upgrade to L5 + huge refactor + more. closes #2 New stuff: - Signup + email confirmation. - Updated authentication strategy with remember cookies. closes #5 - New search system with some example gambits! This is cool - check out the source. Fulltext drivers will be implemented as decorators overriding the EloquentPostRepository’s findByContent method. - Lay down the foundation for bootstrapping the Ember app. - Update Web layer’s asset manager to properly publish CSS/JS files. - Console commands to run installation migrations and seeds. Refactoring: - New structure: move models, repositories, commands, and events into their own namespaces, rather than grouping by entity. - All events are classes. - Use L5 middleware and command bus implementations. - Clearer use of repositories and the Active Record pattern. Repositories are used only for retrieval of ActiveRecord objects, and then save/delete operations are called directly on those ActiveRecords. This way, we don’t over-abstract at the cost of Eloquent magic, but testing is still easy. - Refactor of Web layer so that it uses the Actions routing architecture. - “Actor” concept instead of depending on Laravel’s Auth. - General cleanup!
2015-02-24 18:03:18 +08:00
Improve auth API tests
2015-01-23 12:54:38 +08:00
$token = $I->grabDataFromJsonResponse('token');
$userId = $I->grabDataFromJsonResponse('userId');
$I->assertNotEmpty($token);
Use our own token instead of Laravel's Laravel’s remember_token is tied to the session/cookies, which we don’t need as the API is stateless. It makes much more sense to use our own token mechanism.
2015-01-30 09:38:02 +08:00
$loggedIn = User::where('token', $token)->where('id', $userId)->first();
Implement token-based auth API
2015-01-22 12:14:33 +08:00
$I->assertEquals($user->id, $loggedIn->id);
}
public function invalidLogin(ApiTester $I)
{
$user = $I->haveAnAccount([
'email' => 'foo@bar.com',
'password' => 'pass7word'
]);
$I->login('foo@bar.com', 'incorrect');
$I->seeResponseCodeIs(401);
$I->seeResponseIsJson();
}
Upgrade to L5 + huge refactor + more. closes #2 New stuff: - Signup + email confirmation. - Updated authentication strategy with remember cookies. closes #5 - New search system with some example gambits! This is cool - check out the source. Fulltext drivers will be implemented as decorators overriding the EloquentPostRepository’s findByContent method. - Lay down the foundation for bootstrapping the Ember app. - Update Web layer’s asset manager to properly publish CSS/JS files. - Console commands to run installation migrations and seeds. Refactoring: - New structure: move models, repositories, commands, and events into their own namespaces, rather than grouping by entity. - All events are classes. - Use L5 middleware and command bus implementations. - Clearer use of repositories and the Active Record pattern. Repositories are used only for retrieval of ActiveRecord objects, and then save/delete operations are called directly on those ActiveRecords. This way, we don’t over-abstract at the cost of Eloquent magic, but testing is still easy. - Refactor of Web layer so that it uses the Actions routing architecture. - “Actor” concept instead of depending on Laravel’s Auth. - General cleanup!
2015-02-24 18:03:18 +08:00
}
Reference in New Issue Copy Permalink