feat: implement premium Email 2FA authentication integrated with auth flow
@@ -0,0 +1,91 @@
|
||||
<?php
|
||||
|
||||
use App\Models\User;
|
||||
use Illuminate\Support\Facades\Mail;
|
||||
use App\Mail\Send2FACode;
|
||||
|
||||
test('users with email 2fa enabled are redirected to challenge page', function () {
|
||||
Mail::fake();
|
||||
|
||||
$user = User::factory()->create([
|
||||
'email_2fa_enabled' => true,
|
||||
]);
|
||||
|
||||
$response = $this->post('/login', [
|
||||
'email' => $user->email,
|
||||
'password' => 'password',
|
||||
]);
|
||||
|
||||
$this->assertGuest();
|
||||
$response->assertRedirect(route('two-factor.challenge'));
|
||||
|
||||
$user->refresh();
|
||||
expect($user->email_2fa_code)->not->toBeNull();
|
||||
expect($user->email_2fa_expires_at)->not->toBeNull();
|
||||
|
||||
Mail::assertSent(Send2FACode::class, function ($mail) use ($user) {
|
||||
return $mail->hasTo($user->email) && $mail->code === $user->email_2fa_code;
|
||||
});
|
||||
|
||||
$this->assertEquals($user->id, session('two_factor_user_id'));
|
||||
$this->assertEquals('email', session('two_factor_type'));
|
||||
});
|
||||
|
||||
test('users can verify their email 2fa code successfully', function () {
|
||||
$user = User::factory()->create([
|
||||
'email_2fa_enabled' => true,
|
||||
'email_2fa_code' => '123456',
|
||||
'email_2fa_expires_at' => now()->addMinutes(10),
|
||||
]);
|
||||
|
||||
session(['two_factor_user_id' => $user->id, 'two_factor_type' => 'email']);
|
||||
|
||||
$response = $this->post('/two-factor/challenge', [
|
||||
'code' => '123456',
|
||||
]);
|
||||
|
||||
$this->assertAuthenticatedAs($user);
|
||||
$response->assertRedirect(route('dashboard'));
|
||||
|
||||
$user->refresh();
|
||||
expect($user->email_2fa_code)->toBeNull();
|
||||
expect($user->email_2fa_expires_at)->toBeNull();
|
||||
});
|
||||
|
||||
test('users cannot verify incorrect email 2fa code', function () {
|
||||
$user = User::factory()->create([
|
||||
'email_2fa_enabled' => true,
|
||||
'email_2fa_code' => '123456',
|
||||
'email_2fa_expires_at' => now()->addMinutes(10),
|
||||
]);
|
||||
|
||||
session(['two_factor_user_id' => $user->id, 'two_factor_type' => 'email']);
|
||||
|
||||
$response = $this->post('/two-factor/challenge', [
|
||||
'code' => '654321',
|
||||
]);
|
||||
|
||||
$this->assertGuest();
|
||||
$response->assertSessionHasErrors(['code']);
|
||||
});
|
||||
|
||||
test('users can resend email 2fa code', function () {
|
||||
Mail::fake();
|
||||
|
||||
$user = User::factory()->create([
|
||||
'email_2fa_enabled' => true,
|
||||
'email_2fa_code' => '123456',
|
||||
'email_2fa_expires_at' => now()->addMinutes(10),
|
||||
]);
|
||||
|
||||
session(['two_factor_user_id' => $user->id, 'two_factor_type' => 'email']);
|
||||
|
||||
$response = $this->post('/two-factor/resend');
|
||||
|
||||
$response->assertSessionHasNoErrors();
|
||||
|
||||
$user->refresh();
|
||||
expect($user->email_2fa_code)->not->toEqual('123456');
|
||||
|
||||
Mail::assertSent(Send2FACode::class);
|
||||
});
|
||||
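Review bot: The expiry check is never exercised, because every test that posts to `/two-factor/challenge` seeds `email_2fa_expires_at` with `now()->addMinutes(10)`, so a controller that ignored the timestamp would still pass all four tests. Add a case with an expiry in the past that asserts the user stays a guest, as sketched below; the error key is assumed to match the wrong-code test. The file also has no test for repeated wrong codes or repeated resends, and a six-digit code depends on attempt limiting on both routes, so that limit should be pinned by a test once it exists. Separately, `$mail->code === $user->email_2fa_code` and the seeded `'123456'` suggest the code is stored in the clear in the users table; if that is the case, storing only a hash and comparing with `Hash::check` would limit what a database read exposes.

```php
test('users cannot verify an expired email 2fa code', function () {
    $user = User::factory()->create([
        'email_2fa_enabled' => true,
        'email_2fa_code' => '123456',
        'email_2fa_expires_at' => now()->subMinute(),
    ]);

    session(['two_factor_user_id' => $user->id, 'two_factor_type' => 'email']);

    $response = $this->post('/two-factor/challenge', [
        'code' => '123456',
    ]);

    // A correct but expired code must not log the user in.
    $this->assertGuest();
    // Error key assumed to match the wrong-code case; adjust to the controller.
    $response->assertSessionHasErrors(['code']);
});
```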