API tools faq
paste
Advertisement
Guest User

auth_testing

a guest
Nov 19th, 2018
212
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 15.83 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. namespace V1\User\Authentication;
  3.  
  4. use \ApiTester;
  5. use EmasGogo\GoDompet\Domain\Gold\Entities\GoDompetGoldAccount;
  6. use EmasGogo\GoDompet\Domain\Payment\Entities\GodompetPaymentAccount;
  7. use EmasGogo\GoDompet\Domain\Doku\Entities\GoDompetDokuWallet;
  8. use EmasGogo\User\Domain\Entities\User;
  9. use EmasGogo\User\Domain\Entities\Device;
  10. use EmasGogo\Infrastructure\Hasher\SHATwoFiveSixHasher;
  11. use Carbon\Carbon;
  12. use Illuminate\Support\Facades\Cache;
  13.  
  14. class EmailAuthenticationTestCest
  15. {
  16.     protected $location;
  17.  
  18.     public function _before(ApiTester $I)
  19.     {
  20.         $I->callArtisan('cache:clear');
  21.         $this->location = json_encode(["id" => "Kota Malang, Jawa Timur", "en" => "Malang City, East Java"]);
  22.     }
  23.  
  24.     public function _after(ApiTester $I)
  25.     {
  26.     }
  27.  
  28.     /**
  29.      * @param ApiTester $I
  30.      */
  31.     public function UserSuccesLoginWithSameDeviceTest(ApiTester $I)
  32.     {
  33.         $user = factory(User::class)->create([
  34.             'email' => 'john@mail.com',
  35.             'password' => bcrypt('secret'),
  36.             'status' => 'active',
  37.         ]);
  38.  
  39.         $user->devices()->save(new Device([
  40.             'user_id' => $user->id,
  41.             'name' => 'samsung',
  42.             'device_id' => 'qwertyuiop',
  43.             'latitude' => '-7.966620',
  44.             'longitude' => '112.632632'
  45.         ]));
  46.  
  47.         $user->godompetPaymentAccount()->save(new GodompetPaymentAccount([
  48.             'balance' => 0.00,
  49.             'status' => 'active'
  50.         ]));
  51.  
  52.         $user->GodompetGoldAccount()->save(new GoDompetGoldAccount([
  53.             'balance' => 0.00,
  54.             'status' => 'active'
  55.         ]));
  56.  
  57.         $user->GodompetDoku()->save(new GoDompetDokuWallet([
  58.             'balance' => 0.00,
  59.             'status' => 'active'
  60.         ]));
  61.         $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  62.         $I->wantToTest('User successfully login using email with same device');
  63.         $I->haveHttpHeader('Content-type', 'application/json');
  64.         $I->sendPOST('api/v1/authentication', json_encode([
  65.             'auth_type' => 'email',
  66.             'email' => 'john@mail.com',
  67.             'password' => 'secret',
  68.             'device' => 'samsung',
  69.             'device_id' => 'qwertyuiop',
  70.             'longitude' => '112.632632',
  71.             'latitude' => '-7.966620',
  72.             'signature' => $signature
  73.         ]));
  74.         $I->seeResponseCodeIs(200);
  75.         $I->seeResponseContainsJson([
  76.             'data' => [
  77.                 'fullname' => $user->name,
  78.                 'email' => $user->email,
  79.                 'identity' => null,
  80.                 'user_devices' => [
  81.                     [
  82.                         'name' => 'samsung',
  83.                         'latitude' => '-7.966620',
  84.                         'longitude' => '112.632632',
  85.                         'device_id' => 'qwertyuiop'
  86.                     ]
  87.                 ]
  88.             ]
  89.         ]);
  90.  
  91.         $user = User::where('email', 'john@mail.com')->first();
  92.         $device = $user->devices()->where('device_id', 'qwertyuiop')->first();
  93.         $I->assertNotNull($device);
  94.         $I->seeRecord('devices', ['user_id' => $user->id, 'last_logged_in_location' => $this->location ]);
  95.     }
  96.     public function UserSuccesLoginUsingBrowser(ApiTester $I)
  97.     {
  98.         $user = factory(User::class)->create([
  99.             'email' => 'john@mail.com',
  100.             'password' => bcrypt('secret'),
  101.             'status' => 'active',
  102.         ]);
  103.  
  104.         $user->godompetPaymentAccount()->save(new GodompetPaymentAccount([
  105.             'balance' => 0.00,
  106.             'status' => 'active'
  107.         ]));
  108.  
  109.         $user->GodompetGoldAccount()->save(new GoDompetGoldAccount([
  110.             'balance' => 0.00,
  111.             'status' => 'active'
  112.         ]));
  113.  
  114.         $user->GodompetDoku()->save(new GoDompetDokuWallet([
  115.             'balance' => 0.00,
  116.             'status' => 'active'
  117.         ]));
  118.         $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  119.         $I->wantToTest('User successfully login using email with same device');
  120.         $I->haveHttpHeader('Content-type', 'application/json');
  121.         $I->sendPOST('api/v1/authentication', json_encode([
  122.             'auth_type' => 'email',
  123.             'email' => 'john@mail.com',
  124.             'password' => 'secret',
  125.             'device' => 'Chrome#Win32',
  126.             'device_id' => 'newBrowserAccess',
  127.             'longitude' => '112.632632',
  128.             'latitude' => '-7.966620',
  129.             'signature' => $signature
  130.         ]));
  131.         $I->seeResponseCodeIs(200);
  132.         codecept_debug($I->grabResponse());
  133.     }
  134.  
  135.     /**
  136.      * @param ApiTester $I
  137.      */
  138.     public function UserSuccesLoginWithOneDeviceCountTest(ApiTester $I)
  139.     {
  140.         $user = factory(User::class)->create([
  141.             'email' => 'john@mail.com',
  142.             'password' => bcrypt('secret'),
  143.             'status' => 'active',
  144.         ]);
  145.  
  146.         $user->devices()->save(new Device([
  147.             'user_id' => $user->id,
  148.             'name' => 'samsung',
  149.             'device_id' => 'qwertyuiop',
  150.             'latitude' => '-7.966620',
  151.             'longitude' => '112.632632'
  152.         ]));
  153.  
  154.         $user->godompetPaymentAccount()->save(new GodompetPaymentAccount([
  155.             'balance' => 0.00,
  156.             'status' => 'active'
  157.         ]));
  158.  
  159.         $user->GodompetGoldAccount()->save(new GoDompetGoldAccount([
  160.             'balance' => 0.00,
  161.             'status' => 'active'
  162.         ]));
  163.  
  164.         $user->GodompetDoku()->save(new GoDompetDokuWallet([
  165.             'balance' => 0.00,
  166.             'status' => 'active'
  167.         ]));
  168.  
  169.         $I->wantToTest('User successfully login using one device count');
  170.         $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  171.         $I->assertEquals(1, $user->devices->count());
  172.         $I->haveHttpHeader('Content-type', 'application/json');
  173.         $I->sendPOST('api/v1/authentication', json_encode([
  174.             'auth_type' => 'email',
  175.             'email' => 'john@mail.com',
  176.             'password' => 'secret',
  177.             'device' => 'nexian',
  178.             'device_id' => 'qwertyuiop1',
  179.             'longitude' => '112.632632',
  180.             'latitude' => '-7.966620',
  181.             'signature' => $signature
  182.         ]));
  183.         $I->seeResponseCodeIs(200);
  184.  
  185.         $fetchUser = User::where('email', 'john@mail.com')->first();
  186.         $device = $fetchUser->devices()->where('device_id', 'qwertyuiop1')->first();
  187.         $I->assertNotNull($device);
  188.         $I->assertEquals(2, $fetchUser->devices()->count());
  189.         $I->seeRecord('devices', ['user_id' => $fetchUser->id, 'name' => 'samsung', 'longitude' => '112.632632', 'latitude' => '-7.966620']);
  190.         $I->seeRecord('devices', ['user_id' => $fetchUser->id, 'name' => 'nexian', 'longitude' => '112.632632', 'latitude' => '-7.966620', 'last_logged_in_location' => $this->location]);
  191.     }
  192.  
  193.     /**
  194.      * @param ApiTester $I
  195.      */
  196.     public function UserSuccesLoginWithTwoDeviceCountTest(ApiTester $I)
  197.     {
  198.         $user = factory(User::class)->create([
  199.             'email' => 'john@mail.com',
  200.             'password' => bcrypt('secret'),
  201.             'status' => 'active',
  202.         ]);
  203.  
  204.         $user->devices()->save(new Device([
  205.             'user_id' => $user->id,
  206.             'name' => 'samsung',
  207.             'device_id' => 'qwertyuiop1',
  208.             'latitude' => '-7.966620',
  209.             'longitude' => '112.632632'
  210.         ]));
  211.  
  212.         $user->devices()->save(new Device([
  213.             'user_id' => $user->id,
  214.             'name' => 'nexian',
  215.             'device_id' => 'qwertyuiop2',
  216.             'latitude' => '-7.966620',
  217.             'longitude' => '112.632632'
  218.         ]));
  219.  
  220.         $user->godompetPaymentAccount()->save(new GodompetPaymentAccount([
  221.             'balance' => 0.00,
  222.             'status' => 'active'
  223.         ]));
  224.  
  225.         $user->GodompetGoldAccount()->save(new GoDompetGoldAccount([
  226.             'balance' => 0.00,
  227.             'status' => 'active'
  228.         ]));
  229.  
  230.         $user->GodompetDoku()->save(new GoDompetDokuWallet([
  231.             'balance' => 0.00,
  232.             'status' => 'active'
  233.         ]));
  234.  
  235.         $I->wantToTest('User successfully login using 2 device count');
  236.         $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  237.         $I->assertEquals(2, $user->devices->count());
  238.         $I->haveHttpHeader('Content-type', 'application/json');
  239.         $I->sendPOST('api/v1/authentication', json_encode([
  240.             'auth_type' => 'email',
  241.             'email' => 'john@mail.com',
  242.             'password' => 'secret',
  243.             'device' => 'oppo',
  244.             'device_id' => 'qwertyuiop3',
  245.             'longitude' => '112.632632',
  246.             'latitude' => '-7.966620',
  247.             'signature' => $signature
  248.         ]));
  249.         $I->seeResponseCodeIs(200);
  250.  
  251.         $fetchUser = User::where('email', 'john@mail.com')->first();
  252.         $device = $fetchUser->devices()->where('device_id', 'qwertyuiop3')->first();
  253.         $I->assertNotNull($device);
  254.         $I->assertEquals(3, $fetchUser->devices()->count());
  255.         $I->seeRecord('devices', ['user_id' => $fetchUser->id, 'name' => 'oppo', 'longitude' => '112.632632', 'latitude' => '-7.966620', 'device_id' => 'qwertyuiop3', 'last_logged_in_location' => $this->location]);
  256.     }
  257.  
  258.     /**
  259.      * @param ApiTester $I
  260.      */
  261. //    public function UserNotAllowedLoginHasMaximumDeviceCountTest(ApiTester $I)
  262. //    {
  263. //        $user = factory(User::class)->create([
  264. //            'email' => 'john@mail.com',
  265. //            'password' => bcrypt('secret'),
  266. //            'status' => 'active',
  267. //        ]);
  268. //
  269. //        $user->devices()->save(new Device([
  270. //            'user_id' => $user->id,
  271. //            'name' => 'samsung',
  272. //            'device_id' => 'qwertyuiop1',
  273. //            'latitude' => '-7.966620',
  274. //            'longitude' => '112.632632'
  275. //        ]));
  276. //
  277. //        $user->devices()->save(new Device([
  278. //            'user_id' => $user->id,
  279. //            'name' => 'nexian',
  280. //            'device_id' => 'qwertyuiop2',
  281. //            'latitude' => '-7.966620',
  282. //            'longitude' => '112.632632'
  283. //        ]));
  284. //
  285. //        $user->devices()->save(new Device([
  286. //            'user_id' => $user->id,
  287. //            'name' => 'oppo',
  288. //            'device_id' => 'qwertyuiop3',
  289. //            'latitude' => '-7.966620',
  290. //            'longitude' => '112.632632'
  291. //        ]));
  292. //
  293. //        $user->godompetPaymentAccount()->save(new GodompetPaymentAccount([
  294. //            'balance' => 0.00,
  295. //            'status' => 'active'
  296. //        ]));
  297. //
  298. //        $user->GodompetGoldAccount()->save(new GoDompetGoldAccount([
  299. //            'balance' => 0.00,
  300. //            'status' => 'active'
  301. //        ]));
  302. //
  303. //        $user->GodompetDoku()->save(new GoDompetDokuWallet([
  304. //            'balance' => 0.00,
  305. //            'status' => 'active'
  306. //        ]));
  307. //
  308. //        $I->wantToTest('User is not allowed login using invalid device count');
  309. //
  310. //        $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  311. //
  312. //        $I->assertEquals(3, $user->devices->count());
  313. //
  314. //        $I->haveHttpHeader('Content-type', 'application/json');
  315. //        $I->sendPOST('api/v1/authentication', json_encode([
  316. //            'auth_type' => 'email',
  317. //            'email' => 'john@mail.com',
  318. //            'password' => 'secret',
  319. //            'device' => 'xiaomi',
  320. //            'device_id' => 'qwertyuiop4',
  321. //            'longitude' => '112.632632',
  322. //            'latitude' => '-7.966620',
  323. //            'signature' => $signature
  324. //        ]));
  325. //        $I->seeResponseCodeIs(400);
  326. //        $I->seeResponseContainsJson(['errors' => ['code' => '004']]);
  327. //    }
  328.  
  329.     /**
  330.      * @param ApiTester $I
  331.      */
  332.     public function UserFailedLoginUsingInvalidEmailOrPasswordTest(ApiTester $I)
  333.     {
  334.         $I->wantToTest('User failed login using invalid email or password');
  335.         $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  336.         // EN
  337.         $I->haveHttpHeader('Content-type', 'application/json');
  338.         $I->sendPOST('api/v1/authentication', json_encode([
  339.             'auth_type' => 'email',
  340.             'email' => 'john@mail.com',
  341.             'password' => 'secret',
  342.             'device' => 'xiaomi',
  343.             'device_id' => 'qwertyuiop1',
  344.             'longitude' => '112.632632',
  345.             'latitude' => '-7.966620',
  346.             'signature' => $signature
  347.         ]));
  348.         $I->seeResponseCodeIs(401);
  349.         $I->seeResponseContainsJson(['messages' => ['Wrong email / password or your account has been banned.']]);
  350.     }
  351.  
  352.     /**
  353.      * @param ApiTester $I
  354.      */
  355.     public function UserFailedLoginUsingInvalidSignatureTest(ApiTester $I)
  356.     {
  357.         $I->wantToTest('User failed login using invalid signature');
  358.         // EN
  359.         $I->haveHttpHeader('Content-type', 'application/json');
  360.         $I->sendPOST('api/v1/authentication', json_encode([
  361.             'auth_type' => 'email',
  362.             'email' => 'john@mail.com',
  363.             'password' => 'secret',
  364.             'device' => 'xiaomi',
  365.             'device_id' => 'qwertyuiop1',
  366.             'longitude' => '112.632632',
  367.             'latitude' => '-7.966620',
  368.             'signature' => 'ngawursignature'
  369.         ]));
  370.         $I->seeResponseCodeIs(422);
  371.         $I->seeResponseContainsJson(['messages' => ['The signature is invalid.']]);
  372.     }
  373.  
  374.     /**
  375.      * @param ApiTester $I
  376.      */
  377.     public function UserFailedLoginUsingInvalidEmailOrPasswordAttemptTest(ApiTester $I)
  378.     {
  379.         $I->wantToTest('User failed login using invalid email or password attempt');
  380.         $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  381.         // EN
  382.         $expiresAt = Carbon::now()->addMinutes(1);
  383.         Cache::put('passwordLimitCountjohn@mail.com', 1, $expiresAt);
  384.         $I->haveHttpHeader('Content-type', 'application/json');
  385.         $I->sendPOST('api/v1/authentication', json_encode([
  386.             'auth_type' => 'email',
  387.             'email' => 'john@mail.com',
  388.             'password' => 'secret',
  389.             'device' => 'xiaomi',
  390.             'device_id' => 'qwertyuiop1',
  391.             'longitude' => '112.632632',
  392.             'latitude' => '-7.966620',
  393.             'signature' => $signature
  394.         ]));
  395.         $I->assertEquals(2, Cache::get('passwordLimitCountjohn@mail.com'));
  396.         $I->seeResponseCodeIs(401);
  397.         $I->seeResponseContainsJson(['messages' => ['Wrong email / password or your account has been banned.']]);
  398.     }
  399.  
  400.     /**
  401.      * @param ApiTester $I
  402.      */
  403.     public function UserFailedLoginWithAttemptLimitTest(ApiTester $I)
  404.     {
  405.         $I->callArtisan('cache:clear');
  406.         $I->wantToTest('User failed login with attempt limit');
  407.         $signature = (new SHATwoFiveSixHasher())->hash('v1authenticationemailjohn@mail.comsecretqwerty123');
  408.         // EN
  409.         $expiresAt = Carbon::now()->addMinutes(1);
  410.         Cache::put('passwordLimitCountjohn@mail.com', 4, $expiresAt);
  411.         $I->haveHttpHeader('Content-type', 'application/json');
  412.         $I->sendPOST('api/v1/authentication', json_encode([
  413.             'auth_type' => 'email',
  414.             'email' => 'john@mail.com',
  415.             'password' => 'secret',
  416.             'device' => 'xiaomi',
  417.             'device_id' => 'qwertyuiop1',
  418.             'longitude' => '112.632632',
  419.             'latitude' => '-7.966620',
  420.             'signature' => $signature
  421.         ]));
  422.         $I->seeResponseCodeIs(422);
  423.         $I->seeResponseContainsJson([
  424.             'status_code' => 422,
  425.             'data' => [
  426.                 'errors' => [
  427.                     'code' => '013',
  428.                 ]
  429.             ]
  430.         ]);
  431.     }
  432. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!