2016-01-15 14:51:27 +05:30
|
|
|
<?php
|
|
|
|
namespace tests\codeception\api;
|
|
|
|
|
2017-01-23 16:52:20 +05:30
|
|
|
use OTPHP\TOTP;
|
2016-05-11 01:55:04 +05:30
|
|
|
use tests\codeception\api\_pages\AuthenticationRoute;
|
2016-01-15 14:51:27 +05:30
|
|
|
|
|
|
|
class LoginCest {
|
|
|
|
|
|
|
|
public function testLoginEmailOrUsername(FunctionalTester $I) {
|
2016-05-11 01:55:04 +05:30
|
|
|
$route = new AuthenticationRoute($I);
|
2016-01-15 14:51:27 +05:30
|
|
|
|
|
|
|
$I->wantTo('see error.login_required expected if login is not set');
|
|
|
|
$route->login();
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
|
|
|
'login' => 'error.login_required',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
|
|
|
|
$I->wantTo('see error.login_not_exist expected if username not exists in database');
|
|
|
|
$route->login('non-exist-username');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
|
|
|
'login' => 'error.login_not_exist',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
|
|
|
|
$I->wantTo('see error.login_not_exist expected if email not exists in database');
|
|
|
|
$route->login('not-exist@user.com');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
|
|
|
'login' => 'error.login_not_exist',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
|
2016-02-28 03:20:49 +05:30
|
|
|
$I->wantTo('see error.account_not_activated expected if credentials are valid, but account is not activated');
|
|
|
|
$route->login('howe.garnett', 'password_0');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
|
|
|
'login' => 'error.account_not_activated',
|
|
|
|
],
|
|
|
|
]);
|
2016-03-14 00:16:22 +05:30
|
|
|
$I->canSeeResponseJsonMatchesJsonPath('$.data.email');
|
2016-02-28 03:20:49 +05:30
|
|
|
|
2016-01-15 14:51:27 +05:30
|
|
|
$I->wantTo('don\'t see errors on login field if username is correct and exists in database');
|
|
|
|
$route->login('Admin');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.login');
|
|
|
|
|
|
|
|
$I->wantTo('don\'t see errors on login field if email is correct and exists in database');
|
|
|
|
$route->login('admin@ely.by');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.login');
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginPassword(FunctionalTester $I) {
|
2016-05-11 01:55:04 +05:30
|
|
|
$route = new AuthenticationRoute($I);
|
2016-01-15 14:51:27 +05:30
|
|
|
|
|
|
|
$I->wantTo('see password doesn\'t have errors if email or username not set');
|
|
|
|
$route->login();
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.password');
|
|
|
|
|
|
|
|
$I->wantTo('see password doesn\'t have errors if username not exists in database');
|
|
|
|
$route->login('non-exist-username', 'random-password');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.password');
|
|
|
|
|
|
|
|
$I->wantTo('see password doesn\'t has errors if email not exists in database');
|
|
|
|
$route->login('not-exist@user.com', 'random-password');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.password');
|
|
|
|
|
|
|
|
$I->wantTo('see error.password_incorrect if email correct, but password wrong');
|
|
|
|
$route->login('admin@ely.by', 'wrong-password');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
|
|
|
'password' => 'error.password_incorrect',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
|
|
|
|
$I->wantTo('see error.password_incorrect if username correct, but password wrong');
|
|
|
|
$route->login('Admin', 'wrong-password');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
|
|
|
'password' => 'error.password_incorrect',
|
|
|
|
],
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2017-01-23 16:52:20 +05:30
|
|
|
public function testLoginToken(FunctionalTester $I) {
|
|
|
|
$route = new AuthenticationRoute($I);
|
|
|
|
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->wantTo('see totp don\'t have errors if email, username or totp not set');
|
2017-01-23 16:52:20 +05:30
|
|
|
$route->login();
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
2017-01-23 16:52:20 +05:30
|
|
|
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->wantTo('see totp don\'t have errors if username not exists in database');
|
2017-01-23 16:52:20 +05:30
|
|
|
$route->login('non-exist-username', 'random-password');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
2017-01-23 16:52:20 +05:30
|
|
|
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->wantTo('see totp don\'t has errors if email not exists in database');
|
2017-01-23 16:52:20 +05:30
|
|
|
$route->login('not-exist@user.com', 'random-password');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
2017-01-23 16:52:20 +05:30
|
|
|
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->wantTo('see totp don\'t has errors if email correct, but password wrong');
|
2017-01-23 16:52:20 +05:30
|
|
|
$route->login('not-exist@user.com', 'random-password');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
]);
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
2017-01-23 16:52:20 +05:30
|
|
|
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->wantTo('see error.totp_required if username and password correct, but account have enable otp');
|
2017-01-23 16:52:20 +05:30
|
|
|
$route->login('AccountWithEnabledOtp', 'password_0');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
2017-09-06 22:47:52 +05:30
|
|
|
'totp' => 'error.totp_required',
|
2017-01-23 16:52:20 +05:30
|
|
|
],
|
|
|
|
]);
|
|
|
|
|
2017-09-06 22:47:52 +05:30
|
|
|
$I->wantTo('see error.totp_incorrect if username and password correct, but totp wrong');
|
2017-01-23 16:52:20 +05:30
|
|
|
$route->login('AccountWithEnabledOtp', 'password_0', '123456');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => false,
|
|
|
|
'errors' => [
|
2017-09-06 22:47:52 +05:30
|
|
|
'totp' => 'error.totp_incorrect',
|
2017-01-23 16:52:20 +05:30
|
|
|
],
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2016-01-15 14:51:27 +05:30
|
|
|
public function testLoginByUsernameCorrect(FunctionalTester $I) {
|
2016-05-11 01:55:04 +05:30
|
|
|
$route = new AuthenticationRoute($I);
|
2016-01-15 14:51:27 +05:30
|
|
|
|
|
|
|
$I->wantTo('login into account using correct username and password');
|
|
|
|
$route->login('Admin', 'password_0');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => true,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors');
|
2016-05-30 05:14:17 +05:30
|
|
|
$I->canSeeAuthCredentials(false);
|
2016-01-15 14:51:27 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginByEmailCorrect(FunctionalTester $I) {
|
2016-05-11 01:55:04 +05:30
|
|
|
$route = new AuthenticationRoute($I);
|
2016-01-15 14:51:27 +05:30
|
|
|
|
|
|
|
$I->wantTo('login into account using correct email and password');
|
|
|
|
$route->login('admin@ely.by', 'password_0');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => true,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors');
|
2016-05-30 05:14:17 +05:30
|
|
|
$I->canSeeAuthCredentials(false);
|
2016-01-15 14:51:27 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginInAccWithPasswordMethod(FunctionalTester $I) {
|
2016-05-11 01:55:04 +05:30
|
|
|
$route = new AuthenticationRoute($I);
|
2016-01-15 14:51:27 +05:30
|
|
|
|
|
|
|
$I->wantTo('login into account with old password hash function using correct username and password');
|
|
|
|
$route->login('AccWithOldPassword', '12345678');
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => true,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors');
|
2016-05-30 05:14:17 +05:30
|
|
|
$I->canSeeAuthCredentials(false);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginByEmailWithRemember(FunctionalTester $I) {
|
|
|
|
$route = new AuthenticationRoute($I);
|
|
|
|
|
|
|
|
$I->wantTo('login into account using correct data and get refresh_token');
|
|
|
|
$route->login('admin@ely.by', 'password_0', true);
|
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => true,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors');
|
|
|
|
$I->canSeeAuthCredentials(true);
|
2016-01-15 14:51:27 +05:30
|
|
|
}
|
|
|
|
|
2017-01-23 16:52:20 +05:30
|
|
|
public function testLoginByAccountWithOtp(FunctionalTester $I) {
|
|
|
|
$route = new AuthenticationRoute($I);
|
|
|
|
|
|
|
|
$I->wantTo('login into account with enabled otp');
|
2017-08-08 22:48:44 +05:30
|
|
|
$route->login('AccountWithEnabledOtp', 'password_0', (TOTP::create('BBBB'))->now());
|
2017-01-23 16:52:20 +05:30
|
|
|
$I->canSeeResponseContainsJson([
|
|
|
|
'success' => true,
|
|
|
|
]);
|
|
|
|
$I->cantSeeResponseJsonMatchesJsonPath('$.errors');
|
|
|
|
$I->canSeeAuthCredentials(false);
|
|
|
|
}
|
|
|
|
|
2016-01-15 14:51:27 +05:30
|
|
|
}
|