Skip to content

feat: Implement Sanctum, api and testing #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: Implement Sanctum, api and testing #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions app/Http/Middleware/Authenticate.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,15 @@ class Authenticate extends Middleware
/**
* Get the path the user should be redirected to when they are not authenticated.
*
* @param \Illuminate\Http\Request $request
* @param \Illuminate\Http\Request $request
* @return string|null
*/
protected function redirectTo($request)
{
if (! $request->expectsJson()) {
return route('login');
}
// if (! $request->expectsJson()) {
// return route('login');
// }

return route('users.index');
}
}
6 changes: 6 additions & 0 deletions plan.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# Plan

## API

- api/users // public
- api/users/{id} // Protected
50 changes: 50 additions & 0 deletions routes/api.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
<?php

use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

Expand All @@ -17,3 +18,52 @@
Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
return $request->user();
});

Route::get('/users', function () {
$users = User::get();

return response()->json([
'users' => $users
]);
})->name('users.index');

Route::middleware('auth:sanctum')->get('/users/{id}', function ($id) {
$user = User::find($id);

if (!$user) {
return response()->json([
'User Not Found'
], 404);
}

return response()->json([
'user' => $user
]);
});

Route::post('/tokens/create', function (Request $request) {
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
]);

if ($validator->fails()) {
return response()->json([
$validator->errors()
], 422);
}

if (!Auth::attempt($request->only('email', 'password'))) {
return response()->json([
'message' => 'Invalid Credentials'
], 401);
}

$user = User::where('email', $request->email)->first();
$token = $user->createToken('auth_token')->plainTextToken;

return response()->json([
'access_token' => $token,
'token_type' => 'Bearer'
]);
});
117 changes: 117 additions & 0 deletions tests/Feature/AuthTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,117 @@
<?php

namespace Tests\Feature;

use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class AuthTest extends TestCase
{
use RefreshDatabase;

/** @test */
public function it_provides_token_to_a_valid_user()
{
User::factory()->create([
'email' => 'foo@mail.com',
'password' => bcrypt('password')
]);

$response = $this->post('/api/tokens/create', [
'email' => 'foo@mail.com',
'password' => 'password'
]);

$response->assertStatus(200);
$response->assertSeeText('access_token');
$response->assertSeeText('token_type');
$response->assertSeeText('Bearer');
}

/** @test */
public function it_does_not_provide_token_with_wrong_crednetials()
{
User::factory()->create([
'email' => 'foo@mail.com',
'password' => bcrypt('password')
]);

$response = $this->post('/api/tokens/create', [
'email' => 'foo@mail.com',
'password' => 'WRONG-PASSWORD'
]);

$response->assertStatus(401);
$response->assertSeeText('Invalid Credentials');
}

/** @test */
public function email_field_is_required()
{
User::factory()->create([
'email' => 'foo@mail.com',
'password' => bcrypt('password')
]);

$response = $this->post('/api/tokens/create', [
'email' => null,
'password' => 'password'
]);

$response->assertStatus(422);
$response->assertJson([
[
'email' => [
'The email field is required.'
]
]
]);
}

/** @test */
public function email_value_must_be_a_valid_email_address()
{
User::factory()->create([
'email' => 'foo@mail.com',
'password' => bcrypt('password')
]);

$response = $this->post('/api/tokens/create', [
'email' => 'foo',
'password' => 'password'
]);

$response->assertStatus(422);
$response->assertJson([
[
'email' => [
'The email must be a valid email address.'
]
]
]);
}

/** @test */
public function password_field_is_required()
{
User::factory()->create([
'email' => 'foo@mail.com',
'password' => bcrypt('password')
]);

$response = $this->post('/api/tokens/create', [
'email' => 'foo@mail.com',
'password' => null,
]);

$response->assertStatus(422);
$response->assertJson([
[
'password' => [
'The password field is required.'
]
]
]);
}
}
21 changes: 0 additions & 21 deletions tests/Feature/ExampleTest.php
View file
Open in desktop

This file was deleted.

75 changes: 75 additions & 0 deletions tests/Feature/UserApiTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
<?php

namespace Tests\Feature;

use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Laravel\Sanctum\Sanctum;
use Tests\TestCase;

class UserApiTest extends TestCase
{
use RefreshDatabase;

/** @test */
public function it_list_down_all_users()
{
$user1 = User::factory()->create();
$user2 = User::factory()->create();

$response = $this->get('/api/users');

$response->assertStatus(200);
$response->assertJson([
'users' => [
[
'name' => $user1->name,
'email' => $user1->email
],
[
'name' => $user2->name,
'email' => $user2->email
],
]
]);
}

/** @test */
public function it_shows_deatils_of_a_user_to_authenticated_user_only()
{
Sanctum::actingAs(
User::factory()->create(),
);

$user = User::factory()->create();
$response = $this->get('/api/users/' . $user->id);

$response->assertStatus(200);
$response->assertJson([
'user' => [
'name' => $user->name,
'email' => $user->email
],
]);
}

/** @test */
public function it_does_not_allow_to_access_publicly()
{
$response = $this->get('/api/users/1');

$response->assertStatus(302);
}

/** @test */
public function it_returns_404_if_no_record_found_with_the_given_id()
{
Sanctum::actingAs(
User::factory()->create(),
);

$response = $this->get('/api/users/999');

$response->assertStatus(404);
}
}