Comments (3)
I think you will find a good answer (if you haven't already) over at Laracasts :)
from jwt-auth.
Banged my head for a while trying to get some basic functional / integration tests written. Here's what I came up with that seems to be working for Laravel 5.1:
class APIControllerTest extends TestCase{
public function testCanGetOAuthTokenWithValidPassword(){
$this->setupUser();
$resp = $this->call('POST', '/api/login',
["userid" => "testymctester", "password" => "testallthethings"]);
$data = json_decode($resp->getContent());
$this->assertTrue(array_key_exists("token", $data), "response was {$resp->getContent()}");
}
public function testCannotGetOAuthTokenWithInvalidPassword(){
$this->setupUser();
$resp = $this->call('POST', '/api/login',
["userid" => "testymctester", "password" => "badpassword"]);
$data = json_decode($resp->getContent());
$this->assertFalse(array_key_exists("token", $data), "response was {$resp->getContent()}");
}
/**
* A valid user can view a protected resource.
* @return [type] [description]
*/
public function testCanGetProtectedAPIResourceWithOAuthTokenViaHeader(){
$user = $this->setupUser();
$token = JWTAuth::fromUser($user);
$resp = $this->call('GET', '/api/user', [],[],[],["HTTP_AUTHORIZATION" => "Bearer $token"]);
$this->assertResponseOk();
$data = json_decode($resp->getContent());
$this->assertTrue(!!$data->user, "data is {$resp->getContent()}");
}
public function testCanGetProtectedAPIResourceWithOAuthTokenViaParam(){
$user = $this->setupUser();
$token = JWTAuth::fromUser($user);
$resp = $this->call('GET', '/api/user', ["token" => $token]);
$this->assertResponseOk();
$data = json_decode($resp->getContent());
$this->assertTrue(!!$data->user, "data is {$resp->getContent()}");
}
/**
* If an invalid token is passed, user can't view a protected resource.
* @return [type] [description]
*/
public function testCannotGetProtectedAPIResourceWithoutOAuthToken(){
// $this->markTestSkipped("testing protected routes does not work till upgrade to Dingo.");
$resp = $this->call('GET', '/api/user',
["token" => "bogus.bogus.bogus"]);
$this->assertResponseStatus(401);
}
protected function setupUser(){
$user = User::whereUserid("testymctester");
if ($user) $user->delete();
$user = new User([
"userid" => "testymctester",
"password" => "testallthethings",
"email" => "[email protected]",
"first" => "T",
"last" => "McTester",
]);
$user->save();
return $user;
}
}
Our routes.php file looks something like this:
$api = App::make('Dingo\Api\Routing\Router');
$api->version('v1', function($api){
$api->post("login", "App\Http\Controllers\Auth\APIController@authenticate");
// Protected routes that require authentication
$api->group(["protected" => true], function($api){
$api->get('user', 'App\Http\Controllers\Auth\APIController@getAuthenticatedUser');
$api->get('userinfo', 'App\Http\Controllers\Auth\APIController@getUserInfo');
$api->get('dates', 'App\Http\Controllers\Auth\APIController@getCalendar');
$api->get('directory', 'App\Http\Controllers\Auth\APIController@getDirectory');
$api->get('news', 'App\Http\Controllers\Auth\APIController@getNews');
});
});
from jwt-auth.
Hope this helps, in my TestCase.php I setup the token that I needed to use inside $this->token
and then I setup helper methods
authGet, authPost, authPut & authDelete which would call get, post, put & delete with authentication.
The trick was to append ?token=$this->token
to the url for all of these methods (as mentioned here)
from jwt-auth.
Related Issues (20)
- How do we customise the claims? HOT 2
- Get All active tokens
- Method factory on JWTGuard not found
- setSecret method for custom JWT key is not working HOT 1
- Troubleshooting Issues with Laravel Tests and JWT Authentication HOT 2
- Examples for unmentioned routes (like Email Verification) HOT 1
- Followed the Laravel installation and quick start, getting error: "Tymon\\JWTAuth\\JWTGuard::login(): Argument #1 ($user) must be of type Tymon\\JWTAuth\\Contracts\\JWTSubject
- is possible use sap hana obdc with tymondesigns / jwt-auth ?
- Using a string instead of a file path for the `private` property in `jwt.php`.
- Clarification on Refresh Token Behaviour HOT 5
- attempt() never returns null, but returns blank booleans HOT 1
- Laravel 11 requires an update.
- Laravel 11 Compatibility needs nesbot/carbon ^3.0 HOT 1
- Random @deprecated docs
- Not authenticating api.php routes requests. HOT 3
- Wrong remaining minutes when blacklisting a token HOT 4
- Duplicate query to blacklisted tokens table
- Error when using the auth()->tokenById($id) function. HOT 1
- Redis connection to store blacklisted jwts HOT 1
- How does the jwt invlalidating works ? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt-auth.