framework/tests/api/AuthCest.php
Toby Zerner e37d3743ed Use our own token instead of Laravel's
Laravel’s remember_token is tied to the session/cookies, which we don’t
need as the API is stateless. It makes much more sense to use our own
token mechanism.
2015-01-30 12:08:02 +10:30

63 lines
1.7 KiB
PHP

<?php
use \ApiTester;
use Laracasts\TestDummy\Factory;
class AuthCest
{
protected $endpoint = '/api/auth';
public function loginWithEmail(ApiTester $I)
{
$I->wantTo('login via API with email');
$user = $I->haveAnAccount([
'email' => 'foo@bar.com',
'password' => 'pass7word'
]);
$I->login('foo@bar.com', 'pass7word');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$token = $I->grabDataFromJsonResponse('token');
$userId = $I->grabDataFromJsonResponse('userId');
$I->assertNotEmpty($token);
$loggedIn = User::where('token', $token)->where('id', $userId)->first();
$I->assertEquals($user->id, $loggedIn->id);
}
public function loginWithUsername(ApiTester $I)
{
$I->wantTo('login via API with username');
$user = $I->haveAnAccount([
'username' => 'tobscure',
'password' => 'pass7word'
]);
$I->login('tobscure', 'pass7word');
$I->seeResponseCodeIs(200);
$I->seeResponseIsJson();
$token = $I->grabDataFromJsonResponse('token');
$userId = $I->grabDataFromJsonResponse('userId');
$I->assertNotEmpty($token);
$loggedIn = User::where('token', $token)->where('id', $userId)->first();
$I->assertEquals($user->id, $loggedIn->id);
}
public function invalidLogin(ApiTester $I)
{
$user = $I->haveAnAccount([
'email' => 'foo@bar.com',
'password' => 'pass7word'
]);
$I->login('foo@bar.com', 'incorrect');
$I->seeResponseCodeIs(401);
$I->seeResponseIsJson();
}
}