Add Extra Tests

stubs/default/pest-tests/Feature/Auth/AuthenticationTest.php

@@ -1,6 +1,8 @@
 <?php
 
 use App\Models\User;
+use Illuminate\Auth\Events\Lockout;
+use Illuminate\Support\Facades\Event;
 
 test('login screen can be rendered', function () {
  $response = $this->get('/login');
@@ -39,3 +41,24 @@
  $this->assertGuest();
  $response->assertRedirect('/');
 });
+
+test('users are rate limited after failed login attempts', function () {
+ Event::fake();
+
+ $user = User::factory()->create();
+
+ $responses = [];
+ foreach (range(0, 5) as $ignored) {
+ $responses[] = $this->post('/login', [
+ 'email' => $user->email,
+ 'password' => 'wrong-password',
+ ]);
+ }
+
+ $lastResponse = end($responses);
+
+ Event::assertDispatched(Lockout::class);
+
+ $lastResponse->assertSessionHasErrors('email', 'Too many login attempts. Please try again in % seconds.');
+ $lastResponse->assertRedirect('/');
+});

stubs/default/pest-tests/Feature/Auth/EmailVerificationTest.php

@@ -2,7 +2,9 @@
 
 use App\Models\User;
 use Illuminate\Auth\Events\Verified;
+use Illuminate\Auth\Notifications\VerifyEmail;
 use Illuminate\Support\Facades\Event;
+use Illuminate\Support\Facades\Notification;
 use Illuminate\Support\Facades\URL;
 
 test('email verification screen can be rendered', function () {
@@ -13,6 +15,37 @@
  $response->assertStatus(200);
 });
 
+test('redirects from email verification screen if user is already verified', function () {
+ $user = User::factory()->create();
+
+ $response = $this->actingAs($user)->get('/verify-email');
+
+ $response->assertRedirect(route('dashboard', absolute: false));
+});
+
+test('email verify notification can be sent', function () {
+ Notification::fake();
+
+ $user = User::factory()->unverified()->create();
+
+ $response = $this->actingAs($user)
+ ->from('/verify-email')
+ ->post('/email/verification-notification');
+
+ $response->assertRedirect('/verify-email');
+ $response->assertSessionHas('status', 'verification-link-sent');
+
+ Notification::assertSentTo($user, VerifyEmail::class);
+});
+
+test('email verify notification is not sent if the user is already verified', function () {
+ $user = User::factory()->create();
+
+ $response = $this->actingAs($user)->post('/email/verification-notification');
+
+ $response->assertRedirect(route('dashboard', absolute: false));
+});
+
 test('email can be verified', function () {
  $user = User::factory()->unverified()->create();
 
@@ -44,3 +77,18 @@
 
  expect($user->fresh()->hasVerifiedEmail())->toBeFalse();
 });
+
+test('redirects to dashboard if user is already verified', function () {
+ $user = User::factory()->create();
+
+ Event::fake();
+
+ $verificationUrl = URL::temporarySignedRoute(
+ 'verification.verify',
+ now()->addMinutes(60),
+ ['id' => $user->id, 'hash' => sha1($user->email)]
+ );
+
+ $response = $this->actingAs($user)->get($verificationUrl);
+ $response->assertRedirect(route('dashboard', absolute: false).'?verified=1');
+});

stubs/default/tests/Feature/Auth/AuthenticationTest.php

@@ -3,7 +3,9 @@
 namespace Tests\Feature\Auth;
 
 use App\Models\User;
+use Illuminate\Auth\Events\Lockout;
 use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Support\Facades\Event;
 use Tests\TestCase;
 
 class AuthenticationTest extends TestCase
@@ -51,4 +53,26 @@ public function test_users_can_logout(): void
  $this->assertGuest();
  $response->assertRedirect('/');
  }
+
+ public function test_users_are_rate_limited_after_failed_login_attempts(): void
+ {
+ Event::fake();
+
+ $user = User::factory()->create();
+
+ $responses = [];
+ foreach (range(0, 5) as $ignored) {
+ $responses[] = $this->post('/login', [
+ 'email' => $user->email,
+ 'password' => 'wrong-password',
+ ]);
+ }
+
+ $lastResponse = end($responses);
+
+ Event::assertDispatched(Lockout::class);
+
+ $lastResponse->assertSessionHasErrors('email', 'Too many login attempts. Please try again in % seconds.');
+ $lastResponse->assertRedirect('/');
+ }
 }

stubs/default/tests/Feature/Auth/EmailVerificationTest.php

@@ -4,8 +4,10 @@
 
 use App\Models\User;
 use Illuminate\Auth\Events\Verified;
+use Illuminate\Auth\Notifications\VerifyEmail;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Illuminate\Support\Facades\Event;
+use Illuminate\Support\Facades\Notification;
 use Illuminate\Support\Facades\URL;
 use Tests\TestCase;
 
@@ -22,6 +24,31 @@ public function test_email_verification_screen_can_be_rendered(): void
  $response->assertStatus(200);
  }
 
+ public function test_redirects_from_email_verification_screen_if_user_is_already_verified(): void
+ {
+ $user = User::factory()->create();
+
+ $response = $this->actingAs($user)->get('/verify-email');
+
+ $response->assertRedirect(route('dashboard', absolute: false));
+ }
+
+ public function test_email_verify_notification_can_be_sent(): void
+ {
+ Notification::fake();
+
+ $user = User::factory()->unverified()->create();
+
+ $response = $this->actingAs($user)
+ ->from('/verify-email')
+ ->post('/email/verification-notification');
+
+ $response->assertRedirect('/verify-email');
+ $response->assertSessionHas('status', 'verification-link-sent');
+
+ Notification::assertSentTo($user, VerifyEmail::class);
+ }
+
  public function test_email_can_be_verified(): void
  {
  $user = User::factory()->unverified()->create();
@@ -55,4 +82,20 @@ public function test_email_is_not_verified_with_invalid_hash(): void
 
  $this->assertFalse($user->fresh()->hasVerifiedEmail());
  }
+
+ public function test_redirects_to_dashboard_if_user_is_already_verified(): void
+ {
+ $user = User::factory()->create();
+
+ Event::fake();
+
+ $verificationUrl = URL::temporarySignedRoute(
+ 'verification.verify',
+ now()->addMinutes(60),
+ ['id' => $user->id, 'hash' => sha1($user->email)]
+ );
+
+ $response = $this->actingAs($user)->get($verificationUrl);
+ $response->assertRedirect(route('dashboard', absolute: false).'?verified=1');
+ }
 }