Started testing the AuthController

README.md

@@ -104,7 +104,7 @@ The following Services are provided by the package:
 
 **authentication** 
 
-Provides access to any of the authenticacation packages that Myth:Auth knows about. By default
+Provides access to any of the authentication packages that Myth:Auth knows about. By default
 it will return the "Local Authentication" library, which is the basic password-based system.
 
     $authenticate = Config\Services::authentication();

src/Config/Auth.php

@@ -43,50 +43,50 @@ class Auth extends BaseConfig
     //--------------------------------------------------------------------
     // Additional Fields for "Nothing Personal"
     //--------------------------------------------------------------------
-    // The NothingPersonalValidator prevents personal information from 
-    // being used in passwords. The email and username fields are always 
+    // The NothingPersonalValidator prevents personal information from
+    // being used in passwords. The email and username fields are always
     // considered by the validator. Do not enter those field names here.
-    // 
-    // An extend User Entity might include other personal info such as 
-    // first and/or last names. $personalFields is where you can add 
-    // fields to be considered as "personal" by the NothingPersonalValidator. 
-    // For example: 
+    //
+    // An extend User Entity might include other personal info such as
+    // first and/or last names. $personalFields is where you can add
+    // fields to be considered as "personal" by the NothingPersonalValidator.
+    // For example:
     //     $personalFields = ['firstname', 'lastname'];
 
     public $personalFields = [];
 
     //--------------------------------------------------------------------
     // Password / Username Similarity
     //--------------------------------------------------------------------
-    //  Among other things, the NothingPersonalValidator checks the 
-    //  amount of sameness between the password and username. 
-    //  Passwords that are too much like the username are invalid. 
-    //  
+    //  Among other things, the NothingPersonalValidator checks the
+    //  amount of sameness between the password and username.
+    //  Passwords that are too much like the username are invalid.
+    //
     //  The value set for $maxSimilarity represents the maximum percentage
     //  of similarity at which the password will be accepted. In other words, any
     //  calculated similarity equal to, or greater than $maxSimilarity
     //  is rejected.
-    //   
+    //
     //  The accepted range is 0-100, with 0 (zero) meaning don't check similarity.
-    //  Using values at either extreme of the *working range* (1-100) is 
-    //  not advised. The low end is too restrictive and the high end is too permissive.  
-    //  The suggested value for $maxSimilarity is 50. 
-    //  
+    //  Using values at either extreme of the *working range* (1-100) is
+    //  not advised. The low end is too restrictive and the high end is too permissive.
+    //  The suggested value for $maxSimilarity is 50.
+    //
     //  You may be thinking that a value of 100 should have the effect of accepting
-    //  everything like a value of 0 does. That's logical and probably true, 
-    //  but is unproven and untested. Besides, 0 skips the work involved 
+    //  everything like a value of 0 does. That's logical and probably true,
+    //  but is unproven and untested. Besides, 0 skips the work involved
     //  making the calculation unlike when using 100.
-    //  
-    //  The (admittedly limited) testing that's been done suggests a useful working range 
+    //
+    //  The (admittedly limited) testing that's been done suggests a useful working range
     //  of 50 to 60. You can set it lower than 50, but site users will probably start
-    //  to complain about the large number of proposed passwords getting rejected. 
-    //  At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as 
+    //  to complain about the large number of proposed passwords getting rejected.
+    //  At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as
     //  perfectly acceptable which clearly they are not.
     //
- 
-    //  To disable similarity checking set the value to 0. 
-    //      public $maxSimilarity = 0; 
-    //      
+
+    //  To disable similarity checking set the value to 0.
+    //      public $maxSimilarity = 0;
+    //
     public $maxSimilarity = 50;
 
     //--------------------------------------------------------------------
@@ -204,7 +204,7 @@ class Auth extends BaseConfig
     //--------------------------------------------------------------------
     // Activator classes
     //--------------------------------------------------------------------
-    // Avaliable activators with config settings
+    // Available activators with config settings
     //
     public $userActivators = [
         'Myth\Auth\Authentication\Activators\EmailActivator' => [

src/Config/Services.php

@@ -8,7 +8,7 @@
 use Myth\Auth\Authorization\PermissionModel;
 use Myth\Auth\Authentication\Passwords\PasswordValidator;
 use Myth\Auth\Authentication\Activators\UserActivator;
-use CodeIgniter\Config\BaseService;
+use Config\Services as BaseService;
 
 class Services extends BaseService
 {

src/Controllers/AuthController.php

@@ -129,7 +129,7 @@ public function register()
 			return redirect()->back()->withInput()->with('error', lang('Auth.registerDisabled'));
 		}
 
-		echo view($this->config->views['register'], ['config' => $this->config]);
+		return view($this->config->views['register'], ['config' => $this->config]);
 	}
 
 	/**
@@ -387,6 +387,6 @@ public function resendActivateAccount()
 
 		// Success!
 		return redirect()->route('login')->with('message', lang('Auth.activationSuccess'));
-		
+
 	}
 }

tests/_support/AuthTestCase.php

@@ -67,6 +67,7 @@ protected function mockSession()
 		$config = config('App');
 		$this->session = new MockSession(new ArrayHandler($config, '0.0.0.0'), $config);
 		\Config\Services::injectMock('session', $this->session);
+		$_SESSION = [];
 	}
 
 	/**

tests/controllers/RegisterTest.php

@@ -0,0 +1,96 @@
+<?php
+
+use ModuleTests\Support\AuthTestCase;
+use CodeIgniter\Test\ControllerTester;
+use Myth\Auth\Controllers\AuthController;
+
+class RegisterTest extends AuthTestCase
+{
+    use ControllerTester;
+
+    protected $refresh = true;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        // Make sure our valiation rules include strong_password
+        $vConfig = new \Config\Validation();
+        $vConfig->ruleSets[] = \Myth\Auth\Authentication\Passwords\ValidationRules::class;
+        \CodeIgniter\Config\Config::injectMock('Validation', $vConfig);
+
+        // Make sure our routes are mapped
+        $routes = service('routes');
+        $routes->add('login', 'AuthController::login', ['as' => 'login']);
+        \Config\Services::injectMock('routes', $routes);
+    }
+
+    public function testRegisterDisplaysForm()
+    {
+        $result = $this->withUri(site_url('register'))
+                    ->controller(AuthController::class)
+                    ->execute('register');
+
+        $this->assertTrue($result->isOK());
+        $result->see('Register', 'h2');
+    }
+
+    public function testAttemptRegisterDisabled()
+    {
+        $config = new \Myth\Auth\Config\Auth();
+        $config->allowRegistration = false;
+        \CodeIgniter\Config\Config::injectMock('Auth', $config);
+
+        $result = $this->withUri(site_url('register'))
+            ->controller(AuthController::class)
+            ->execute('attemptRegister');
+
+        $this->assertTrue($result->isRedirect());
+        $this->assertEquals(lang('Auth.registerDisabled'), $_SESSION['error']);
+    }
+
+    public function testAttemptRegisterValidationErrors()
+    {
+        $config = new \Myth\Auth\Config\Auth();
+        $config->allowRegistration = true;
+        \CodeIgniter\Config\Config::injectMock('Auth', $config);
+
+        $result = $this->withUri(site_url('register'))
+            ->controller(AuthController::class)
+            ->execute('attemptRegister');
+
+        $this->assertTrue($result->isRedirect());
+        $this->asserttrue(isset($_SESSION['_ci_validation_errors']));
+    }
+
+    public function testAttemptRegisterCreatesUser()
+    {
+        // Set form input
+        $data = [
+            'username' => 'Joe Cool',
+            'email' => 'jc@example.com',
+            'password' => 'xaH96AhjglK',
+            'pass_confirm' => 'xaH96AhjglK'
+        ];
+        $globals = [
+            'request' => $data,
+            'post' => $data,
+        ];
+
+        $request = service('request', null, false);
+        $this->setPrivateProperty($request, 'globals', $globals);
+
+        // don't require activation for this...
+        $config = config('Auth');
+        $config->requireActivation = false;
+        \CodeIgniter\Config\Config::injectMock('Auth', $config);
+
+        $result = $this->withUri(site_url('register'))
+            ->withRequest($request)
+            ->controller(AuthController::class)
+            ->execute('attemptRegister');
+
+        $this->assertTrue($result->isRedirect());
+        $this->assertEquals(lang('Auth.registerSuccess'), $_SESSION['message']);
+    }
+}