From 62676e981587a6efb7d49b5370da4b760a1a5a59 Mon Sep 17 00:00:00 2001 From: Lonnie Ezell Date: Mon, 16 Mar 2020 00:22:04 -0500 Subject: [PATCH] Started testing the AuthController --- README.md | 2 +- src/Config/Auth.php | 54 ++++++++--------- src/Config/Services.php | 2 +- src/Controllers/AuthController.php | 4 +- tests/_support/AuthTestCase.php | 1 + tests/controllers/RegisterTest.php | 96 ++++++++++++++++++++++++++++++ 6 files changed, 128 insertions(+), 31 deletions(-) create mode 100644 tests/controllers/RegisterTest.php diff --git a/README.md b/README.md index a8030c48..e2988bc2 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,7 @@ The following Services are provided by the package: **authentication** -Provides access to any of the authenticacation packages that Myth:Auth knows about. By default +Provides access to any of the authentication packages that Myth:Auth knows about. By default it will return the "Local Authentication" library, which is the basic password-based system. $authenticate = Config\Services::authentication(); diff --git a/src/Config/Auth.php b/src/Config/Auth.php index e8a1d274..a9932d51 100644 --- a/src/Config/Auth.php +++ b/src/Config/Auth.php 
@@ -43,14 +43,14 @@ class Auth extends BaseConfig //-------------------------------------------------------------------- // Additional Fields for "Nothing Personal" //-------------------------------------------------------------------- - // The NothingPersonalValidator prevents personal information from - // being used in passwords. The email and username fields are always + // The NothingPersonalValidator prevents personal information from + // being used in passwords. The email and username fields are always // considered by the validator. Do not enter those field names here. - // - // An extend User Entity might include other personal info such as - // first and/or last names. $personalFields is where you can add - // fields to be considered as "personal" by the NothingPersonalValidator. - // For example: + // + // An extend User Entity might include other personal info such as + // first and/or last names. $personalFields is where you can add + // fields to be considered as "personal" by the NothingPersonalValidator. + // For example: // $personalFields = ['firstname', 'lastname']; public $personalFields = []; 
@@ -58,35 +58,35 @@ class Auth extends BaseConfig //-------------------------------------------------------------------- // Password / Username Similarity //-------------------------------------------------------------------- - // Among other things, the NothingPersonalValidator checks the - // amount of sameness between the password and username. - // Passwords that are too much like the username are invalid. - // + // Among other things, the NothingPersonalValidator checks the + // amount of sameness between the password and username. + // Passwords that are too much like the username are invalid. + // // The value set for $maxSimilarity represents the maximum percentage // of similarity at which the password will be accepted. In other words, any // calculated similarity equal to, or greater than $maxSimilarity // is rejected. - // + // // The accepted range is 0-100, with 0 (zero) meaning don't check similarity. - // Using values at either extreme of the *working range* (1-100) is - // not advised. The low end is too restrictive and the high end is too permissive. - // The suggested value for $maxSimilarity is 50. - // + // Using values at either extreme of the *working range* (1-100) is + // not advised. The low end is too restrictive and the high end is too permissive. + // The suggested value for $maxSimilarity is 50. + // // You may be thinking that a value of 100 should have the effect of accepting - // everything like a value of 0 does. That's logical and probably true, - // but is unproven and untested. Besides, 0 skips the work involved + // everything like a value of 0 does. That's logical and probably true, + // but is unproven and untested. Besides, 0 skips the work involved // making the calculation unlike when using 100. - // - // The (admittedly limited) testing that's been done suggests a useful working range + // + // The (admittedly limited) testing that's been done suggests a useful working range // of 50 to 60. 
You can set it lower than 50, but site users will probably start - // to complain about the large number of proposed passwords getting rejected. - // At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as + // to complain about the large number of proposed passwords getting rejected. + // At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as // perfectly acceptable which clearly they are not. // - - // To disable similarity checking set the value to 0. - // public $maxSimilarity = 0; - // + + // To disable similarity checking set the value to 0. + // public $maxSimilarity = 0; + // public $maxSimilarity = 50; //-------------------------------------------------------------------- @@ -204,7 +204,7 @@ class Auth extends BaseConfig //-------------------------------------------------------------------- // Activator classes //-------------------------------------------------------------------- - // Avaliable activators with config settings + // Available activators with config settings // public $userActivators = [ 'Myth\Auth\Authentication\Activators\EmailActivator' => [ diff --git a/src/Config/Services.php b/src/Config/Services.php index f13df7c6..97253ef8 100644 --- a/src/Config/Services.php +++ b/src/Config/Services.php @@ -8,7 +8,7 @@ use Myth\Auth\Authorization\PermissionModel; use Myth\Auth\Authentication\Passwords\PasswordValidator; use Myth\Auth\Authentication\Activators\UserActivator; -use CodeIgniter\Config\BaseService; +use Config\Services as BaseService; class Services extends BaseService { diff --git a/src/Controllers/AuthController.php b/src/Controllers/AuthController.php index 5dbb9e6d..52941464 100644 --- a/src/Controllers/AuthController.php +++ b/src/Controllers/AuthController.php 
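Review bot: The alias in `use Config\Services as BaseService;` makes `class Services extends BaseService` read as if it still extends the framework's base class, while the parent is now the application's own `Config\Services`. That ties the package's service container to whatever the host application defines there, and someone auditing how `authentication` is resolved gets no hint of it from the class line. I would import it under an honest name, `use Config\Services as AppServices;` with `class Services extends AppServices`, or keep the alias and add `// NOTE: parent is the application's Config\Services, not CodeIgniter's BaseService` above the class. The reason for the switch is presumably related to the `\Config\Services::injectMock()` calls in the tests, which should be confirmed and recorded in that comment.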
@@ -129,7 +129,7 @@ public function register() return redirect()->back()->withInput()->with('error', lang('Auth.registerDisabled')); } - echo view($this->config->views['register'], ['config' => $this->config]); + return view($this->config->views['register'], ['config' => $this->config]); } /** @@ -387,6 +387,6 @@ public function resendActivateAccount() // Success! return redirect()->route('login')->with('message', lang('Auth.activationSuccess')); - + } } diff --git a/tests/_support/AuthTestCase.php b/tests/_support/AuthTestCase.php index b3362fbf..ccd65227 100644 --- a/tests/_support/AuthTestCase.php +++ b/tests/_support/AuthTestCase.php @@ -67,6 +67,7 @@ protected function mockSession() $config = config('App'); $this->session = new MockSession(new ArrayHandler($config, '0.0.0.0'), $config); \Config\Services::injectMock('session', $this->session); + $_SESSION = []; } /** diff --git a/tests/controllers/RegisterTest.php b/tests/controllers/RegisterTest.php new file mode 100644 index 00000000..13ca1676 --- /dev/null +++ b/tests/controllers/RegisterTest.php 
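Review bot: register() now has two return shapes, the redirect in the registration-disabled branch and the rendered string from `return view(...)`, and its docblock should say so, e.g. `@return \CodeIgniter\HTTP\RedirectResponse|string`. The method starts outside the hunk, so whether a docblock already covers this is not visible. Only this action is switched from `echo` to `return` in the commit (the other AuthController hunk is whitespace), so any other action that still echoes its view would presumably bypass the returned response in the same way; converting them together would keep the controller consistent.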
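Review bot: The added `$_SESSION = [];` in mockSession() has no comment explaining why a superglobal is reset next to the injected mock. The new RegisterTest assertions read `$_SESSION['error']` and `$_SESSION['message']` directly, so this line is what keeps flash data from one test from satisfying an assertion in the next. I would add `// Reset the superglobal so session data left by a previous test cannot leak into this one` above it. mockSession() starts outside the hunk, so whether it runs for every test is not visible here and is worth confirming.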
@@ -0,0 +1,96 @@ +ruleSets[] = \Myth\Auth\Authentication\Passwords\ValidationRules::class; + \CodeIgniter\Config\Config::injectMock('Validation', $vConfig); + + // Make sure our routes are mapped + $routes = service('routes'); + $routes->add('login', 'AuthController::login', ['as' => 'login']); + \Config\Services::injectMock('routes', $routes); + } + + public function testRegisterDisplaysForm() + { + $result = $this->withUri(site_url('register')) + ->controller(AuthController::class) + ->execute('register'); + + $this->assertTrue($result->isOK()); + $result->see('Register', 'h2'); + } + + public function testAttemptRegisterDisabled() + { + $config = new \Myth\Auth\Config\Auth(); + $config->allowRegistration = false; + \CodeIgniter\Config\Config::injectMock('Auth', $config); + + $result = $this->withUri(site_url('register')) + ->controller(AuthController::class) + ->execute('attemptRegister'); + + $this->assertTrue($result->isRedirect()); + $this->assertEquals(lang('Auth.registerDisabled'), $_SESSION['error']); + } + + public function testAttemptRegisterValidationErrors() + { + $config = new \Myth\Auth\Config\Auth(); + $config->allowRegistration = true; + \CodeIgniter\Config\Config::injectMock('Auth', $config); + + $result = $this->withUri(site_url('register')) + ->controller(AuthController::class) + ->execute('attemptRegister'); + + $this->assertTrue($result->isRedirect()); + $this->asserttrue(isset($_SESSION['_ci_validation_errors'])); + } + + public function testAttemptRegisterCreatesUser() + { + // Set form input + $data = [ + 'username' => 'Joe Cool', + 'email' => 'jc@example.com', + 'password' => 'xaH96AhjglK', + 'pass_confirm' => 'xaH96AhjglK' + ]; + $globals = [ + 'request' => $data, + 'post' => $data, + ]; + + $request = service('request', null, false); + $this->setPrivateProperty($request, 'globals', $globals); + + // don't require activation for this... 
+ $config = config('Auth'); + $config->requireActivation = false; + \CodeIgniter\Config\Config::injectMock('Auth', $config); + + $result = $this->withUri(site_url('register')) + ->withRequest($request) + ->controller(AuthController::class) + ->execute('attemptRegister'); + + $this->assertTrue($result->isRedirect()); + $this->assertEquals(lang('Auth.registerSuccess'), $_SESSION['message']); + } +}
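Review bot: testAttemptRegisterCreatesUser passes on the redirect and the `Auth.registerSuccess` flash message alone, so it never checks that a user was written or how the password was stored. For an authentication package this test is the natural place to assert that a row for `jc@example.com` exists and that the stored credential is a hash that verifies against the submitted password rather than the plaintext; which database assertions AuthTestCase offers is not visible here. The same test relies on the default value of `allowRegistration` while the two tests before it inject their own `Auth` config, so setting `$config->allowRegistration = true;` explicitly would remove the order dependence. In testAttemptRegisterValidationErrors, `$this->asserttrue(isset($_SESSION['_ci_validation_errors']));` would fail more clearly as `$this->assertArrayHasKey('_ci_validation_errors', $_SESSION);`.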