<?php
use App\Actions\Fortify\ResetUserPassword;
use App\Models\InstanceSettings;
use App\Models\User;
use App\Notifications\TransactionalEmails\ResetPassword;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Notification;
use Illuminate\Support\Once;
use Illuminate\Validation\ValidationException;
// Every test in this file runs against a freshly migrated database.
uses(RefreshDatabase::class);

// Shared fixture: fake outbound notifications, keep maintenance/cache/session
// state off the database, and seed the instance settings with SMTP enabled.
beforeEach(function () {
    // No real mail leaves the test run; assertions inspect the fake instead.
    Notification::fake();

    $driverOverrides = [
        'app.maintenance.driver' => 'file',
        'cache.default' => 'array',
        // Array sessions matter for the logout test below: revocation must not
        // depend on being able to delete rows from a sessions table.
        'session.driver' => 'array',
    ];
    config($driverOverrides);

    // NOTE(review): id 0 is presumably the singleton settings row the app reads;
    // confirm against InstanceSettings.
    $smtpSettings = [
        'id' => 0,
        'smtp_enabled' => true,
        'smtp_from_address' => 'test@example.com',
        'smtp_from_name' => 'MapleDeploy',
        'smtp_host' => 'localhost',
        'smtp_port' => 1025,
    ];

    // Mass-assignment guarding is lifted only inside this callback so the
    // explicit 'id' can be written.
    InstanceSettings::unguarded(function () use ($smtpSettings) {
        InstanceSettings::query()->create($smtpSettings);
    });

    // Drop values memoized by once() so an earlier test's cached state
    // cannot leak into this one.
    Once::flush();
});
// A revoked account (remember_token carrying the 'mapledeploy-revoked:' marker)
// must not be able to start a password reset: no token row, no e-mail.
test('forgot password does not create a reset token for MapleDeploy revoked users', function () {
    $revokedUser = User::factory()->create([
        'email' => 'revoked@example.com',
        'remember_token' => 'mapledeploy-revoked:abc123',
    ]);

    $forgotPasswordPayload = [
        'email' => 'revoked@example.com',
    ];

    // The endpoint still flashes a 'status' value for a revoked account.
    // NOTE(review): only the presence of 'status' is checked, not that its text
    // matches the active-user case; comparing the two would pin down that the
    // response does not reveal account state.
    $this->post('/forgot-password', $forgotPasswordPayload)
        ->assertSessionHas('status');

    $tokenWasIssued = DB::table('password_reset_tokens')
        ->where('email', $revokedUser->email)
        ->exists();

    expect($tokenWasIssued)->toBeFalse();

    Notification::assertNothingSent();
});
// Control case: the revocation guard must not break the normal reset flow for
// an account whose remember_token carries no revocation marker.
test('forgot password still sends reset links for active users', function () {
    $activeUser = User::factory()->create([
        'email' => 'active@example.com',
        'remember_token' => null,
    ]);

    $forgotPasswordPayload = [
        'email' => 'active@example.com',
    ];

    $this->post('/forgot-password', $forgotPasswordPayload)
        ->assertSessionHas('status');

    // A token row is stored for this address and the reset mail is queued
    // on the notification fake.
    $tokenWasIssued = DB::table('password_reset_tokens')
        ->where('email', $activeUser->email)
        ->exists();

    expect($tokenWasIssued)->toBeTrue();

    Notification::assertSentTo($activeUser, ResetPassword::class);
});
// Defence in depth: even if a reset token was issued before revocation, the
// reset action itself must reject a revoked account and change nothing.
test('reset password refuses MapleDeploy revoked users even with an existing token', function () {
    $revokedUser = User::factory()->create([
        'password' => Hash::make('old-password'),
        'remember_token' => 'mapledeploy-revoked:abc123',
    ]);

    // NOTE(review): the action is invoked directly, so the HTTP reset route and
    // its token check are not exercised by this test.
    $attemptReset = fn () => app(ResetUserPassword::class)->reset($revokedUser, [
        'password' => 'new-password',
        'password_confirmation' => 'new-password',
    ]);

    expect($attemptReset)->toThrow(ValidationException::class);

    // Re-read from the database: the old hash is still valid and the revocation
    // marker was not overwritten by the failed reset.
    expect(Hash::check('old-password', $revokedUser->fresh()->password))->toBeTrue();
    expect($revokedUser->fresh()->remember_token)->toBe('mapledeploy-revoked:abc123');
});
// With the array session driver set in beforeEach there is no sessions table
// to purge, so an authenticated request from a revoked account must still be
// rejected when it arrives.
test('revoked users are logged out even when sessions are not database backed', function () {
    $revokedUser = User::factory()->create([
        'remember_token' => 'mapledeploy-revoked:abc123',
        // Verified address, so an e-mail verification redirect cannot be what
        // sends the request away (presumed intent; confirm against the routes).
        'email_verified_at' => now(),
    ]);

    // The request starts out authenticated as the revoked user.
    $this->actingAs($revokedUser)
        ->get('/')
        ->assertRedirect(route('login'));

    // The redirect alone is not enough: the guard must no longer hold a user.
    $this->assertGuest();
});