Initial commit

tests/Feature/Settings/PasswordUpdateTest.php

@@ -0,0 +1,40 @@
+<?php
+
+use App\Livewire\Settings\Password;
+use App\Models\User;
+use Illuminate\Support\Facades\Hash;
+use Livewire\Livewire;
+
+test('password can be updated', function () {
+    $user = User::factory()->create([
+        'password' => Hash::make('password'),
+    ]);
+
+    $this->actingAs($user);
+
+    $response = Livewire::test(Password::class)
+        ->set('current_password', 'password')
+        ->set('password', 'new-password')
+        ->set('password_confirmation', 'new-password')
+        ->call('updatePassword');
+
+    $response->assertHasNoErrors();
+
+    expect(Hash::check('new-password', $user->refresh()->password))->toBeTrue();
+});
+
+test('correct password must be provided to update password', function () {
+    $user = User::factory()->create([
+        'password' => Hash::make('password'),
+    ]);
+
+    $this->actingAs($user);
+
+    $response = Livewire::test(Password::class)
+        ->set('current_password', 'wrong-password')
+        ->set('password', 'new-password')
+        ->set('password_confirmation', 'new-password')
+        ->call('updatePassword');
+
+    $response->assertHasErrors(['current_password']);
+});

tests/Feature/Settings/ProfileUpdateTest.php

@@ -0,0 +1,76 @@
+<?php
+
+use App\Livewire\Settings\Profile;
+use App\Models\User;
+use Livewire\Livewire;
+
+test('profile page is displayed', function () {
+    $this->actingAs($user = User::factory()->create());
+
+    $this->get('/settings/profile')->assertOk();
+});
+
+test('profile information can be updated', function () {
+    $user = User::factory()->create();
+
+    $this->actingAs($user);
+
+    $response = Livewire::test(Profile::class)
+        ->set('name', 'Test User')
+        ->set('email', 'test@example.com')
+        ->call('updateProfileInformation');
+
+    $response->assertHasNoErrors();
+
+    $user->refresh();
+
+    expect($user->name)->toEqual('Test User');
+    expect($user->email)->toEqual('test@example.com');
+    expect($user->email_verified_at)->toBeNull();
+});
+
+test('email verification status is unchanged when email address is unchanged', function () {
+    $user = User::factory()->create();
+
+    $this->actingAs($user);
+
+    $response = Livewire::test(Profile::class)
+        ->set('name', 'Test User')
+        ->set('email', $user->email)
+        ->call('updateProfileInformation');
+
+    $response->assertHasNoErrors();
+
+    expect($user->refresh()->email_verified_at)->not->toBeNull();
+});
+
+test('user can delete their account', function () {
+    $user = User::factory()->create();
+
+    $this->actingAs($user);
+
+    $response = Livewire::test('settings.delete-user-form')
+        ->set('password', 'password')
+        ->call('deleteUser');
+
+    $response
+        ->assertHasNoErrors()
+        ->assertRedirect('/');
+
+    expect($user->fresh())->toBeNull();
+    expect(auth()->check())->toBeFalse();
+});
+
+test('correct password must be provided to delete account', function () {
+    $user = User::factory()->create();
+
+    $this->actingAs($user);
+
+    $response = Livewire::test('settings.delete-user-form')
+        ->set('password', 'wrong-password')
+        ->call('deleteUser');
+
+    $response->assertHasErrors(['password']);
+
+    expect($user->fresh())->not->toBeNull();
+});

tests/Feature/Settings/TwoFactorAuthenticationTest.php

@@ -0,0 +1,70 @@
+<?php
+
+use App\Models\User;
+use Laravel\Fortify\Features;
+use Livewire\Livewire;
+
+beforeEach(function () {
+    if (! Features::canManageTwoFactorAuthentication()) {
+        $this->markTestSkipped('Two-factor authentication is not enabled.');
+    }
+
+    Features::twoFactorAuthentication([
+        'confirm' => true,
+        'confirmPassword' => true,
+    ]);
+});
+
+test('two factor settings page can be rendered', function () {
+    $user = User::factory()->withoutTwoFactor()->create();
+
+    $this->actingAs($user)
+        ->withSession(['auth.password_confirmed_at' => time()])
+        ->get(route('two-factor.show'))
+        ->assertOk()
+        ->assertSee('Two Factor Authentication')
+        ->assertSee('Disabled');
+});
+
+test('two factor settings page requires password confirmation when enabled', function () {
+    $user = User::factory()->create();
+
+    $response = $this->actingAs($user)
+        ->get(route('two-factor.show'));
+
+    $response->assertRedirect(route('password.confirm'));
+});
+
+test('two factor settings page returns forbidden response when two factor is disabled', function () {
+    config(['fortify.features' => []]);
+
+    $user = User::factory()->create();
+
+    $response = $this->actingAs($user)
+        ->withSession(['auth.password_confirmed_at' => time()])
+        ->get(route('two-factor.show'));
+
+    $response->assertForbidden();
+});
+
+test('two factor authentication disabled when confirmation abandoned between requests', function () {
+    $user = User::factory()->create();
+
+    $user->forceFill([
+        'two_factor_secret' => encrypt('test-secret'),
+        'two_factor_recovery_codes' => encrypt(json_encode(['code1', 'code2'])),
+        'two_factor_confirmed_at' => null,
+    ])->save();
+
+    $this->actingAs($user);
+
+    $component = Livewire::test('settings.two-factor');
+
+    $component->assertSet('twoFactorEnabled', false);
+
+    $this->assertDatabaseHas('users', [
+        'id' => $user->id,
+        'two_factor_secret' => null,
+        'two_factor_recovery_codes' => null,
+    ]);
+});