40 lines
1.2 KiB
PHP
40 lines
1.2 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Tests\Integration;
|
|
|
|
use Tests\Support\ApiTestCase;
|
|
use Tests\Support\DatabaseFixture;
|
|
|
|
final class AuthTest extends ApiTestCase
|
|
{
|
|
public function testLoginSuccess(): void
|
|
{
|
|
$res = $this->loginAs(DatabaseFixture::ADMIN_USERNAME);
|
|
$this->assertOk($res);
|
|
$this->assertSame('admin', $res['body']['data']['role']);
|
|
$this->assertNotEmpty($this->bearerToken);
|
|
}
|
|
|
|
public function testLoginInvalidPassword(): void
|
|
{
|
|
$res = $this->api('POST', 'auth/login', [
|
|
'username' => DatabaseFixture::ADMIN_USERNAME,
|
|
'password' => 'wrong-password',
|
|
]);
|
|
$this->assertError($res, 'INVALID_CREDENTIALS');
|
|
$this->assertSame(401, $res['status']);
|
|
}
|
|
|
|
public function testMustChangePasswordTempTokenBlocked(): void
|
|
{
|
|
$login = $this->loginAs(DatabaseFixture::MUST_CHANGE_USERNAME);
|
|
$this->assertOk($login);
|
|
$this->assertTrue($login['body']['data']['mustChangePassword'] ?? false);
|
|
|
|
$blocked = $this->api('GET', 'app_questionnaires');
|
|
$this->assertLegacyAuthError($blocked, 403, 'Password change required before access');
|
|
}
|
|
}
|