Test Fix

Author: pushpak1300

app/Providers/FortifyServiceProvider.php

@@ -7,7 +7,6 @@
 use Illuminate\Support\Facades\RateLimiter;
 use Illuminate\Support\ServiceProvider;
 use Laravel\Fortify\Fortify;
-use Livewire\Volt\Volt;
 
 class FortifyServiceProvider extends ServiceProvider
 {

routes/web.php

@@ -28,4 +28,4 @@
         ->name('settings.two-factor');
 });
 
-require __DIR__ . '/auth.php';
+require __DIR__.'/auth.php';

tests/Feature/Auth/AuthenticationTest.php

@@ -4,6 +4,7 @@
 
 use App\Models\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
+use Laravel\Fortify\Features;
 use Livewire\Volt\Volt as LivewireVolt;
 use Tests\TestCase;
 
@@ -58,4 +59,47 @@ public function test_users_can_logout(): void
 
         $this->assertGuest();
     }
+
+    public function test_users_with_two_factor_enabled_are_redirected_to_two_factor_challenge(): void
+    {
+        if (! Features::canManageTwoFactorAuthentication()) {
+            $this->markTestSkipped('Two-factor authentication is not enabled.');
+        }
+
+        Features::twoFactorAuthentication([
+            'confirm' => true,
+            'confirmPassword' => true,
+        ]);
+
+        $user = User::factory()->create();
+
+        $user->forceFill([
+            'two_factor_secret' => encrypt('test-secret'),
+            'two_factor_recovery_codes' => encrypt(json_encode(['code1', 'code2'])),
+            'two_factor_confirmed_at' => now(),
+        ])->save();
+
+        $response = LivewireVolt::test('auth.login')
+            ->set('email', $user->email)
+            ->set('password', 'password')
+            ->call('login');
+
+        $response->assertRedirect(route('two-factor.login'));
+        $response->assertSessionHas('login.id', $user->id);
+        $this->assertGuest();
+    }
+
+    public function test_users_without_two_factor_enabled_login_normally(): void
+    {
+        $user = User::factory()->create();
+
+        $response = LivewireVolt::test('auth.login')
+            ->set('email', $user->email)
+            ->set('password', 'password')
+            ->call('login');
+
+        $this->assertAuthenticated();
+        $response->assertRedirect(route('dashboard', absolute: false));
+        $response->assertSessionMissing('login.id');
+    }
 }

tests/Feature/Auth/TwoFactorChallengeTest.php

@@ -4,7 +4,6 @@
 
 use App\Models\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Facades\RateLimiter;
 use Laravel\Fortify\Features;
 use Livewire\Volt\Volt;
 use Tests\TestCase;
@@ -15,7 +14,7 @@ class TwoFactorChallengeTest extends TestCase
 
     public function test_two_factor_challenge_redirects_when_not_authenticated(): void
     {
-        if (!Features::canManageTwoFactorAuthentication()) {
+        if (! Features::canManageTwoFactorAuthentication()) {
             $this->markTestSkipped('Two-factor authentication is not enabled.');
         }
 
@@ -26,7 +25,7 @@ public function test_two_factor_challenge_redirects_when_not_authenticated(): vo
 
     public function test_two_factor_challenge_renders_correct_livewire_component(): void
     {
-        if (!Features::canManageTwoFactorAuthentication()) {
+        if (! Features::canManageTwoFactorAuthentication()) {
             $this->markTestSkipped('Two-factor authentication is not enabled.');
         }
 
@@ -53,7 +52,7 @@ public function test_two_factor_challenge_renders_correct_livewire_component():
 
     public function test_two_factor_authentication_is_rate_limited(): void
     {
-        if (!Features::enabled(Features::twoFactorAuthentication())) {
+        if (! Features::enabled(Features::twoFactorAuthentication())) {
             $this->markTestSkipped('Two-factor authentication is not enabled.');
         }
 
@@ -70,7 +69,7 @@ public function test_two_factor_authentication_is_rate_limited(): void
             'two_factor_confirmed_at' => now(),
         ])->save();
 
-        collect(range(1, 5))->each(function () use ($user) {
+        collect(range(1, 5))->each(function () {
             $this->post(route('two-factor.login.store'), ['code' => '21212'])
                 ->assertRedirect(route('two-factor.login'))
                 ->assertSessionHasErrors('code');

tests/Feature/Settings/TwoFactorAuthenticationTest.php

@@ -0,0 +1,135 @@
+<?php
+
+namespace Tests\Feature\Settings;
+
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Routing\Route;
+use Illuminate\Support\Facades\Artisan;
+use Laravel\Fortify\Features;
+use Livewire\Volt\Volt;
+use Tests\TestCase;
+
+class TwoFactorAuthenticationTest extends TestCase
+{
+    use RefreshDatabase;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        if (! Features::canManageTwoFactorAuthentication()) {
+            $this->markTestSkipped('Two-factor authentication is not enabled.');
+        }
+
+        Features::twoFactorAuthentication([
+            'confirm' => true,
+            'confirmPassword' => true,
+        ]);
+    }
+
+    public function test_two_factor_settings_page_is_displayed(): void
+    {
+        $user = User::factory()->create();
+
+        $this->actingAs($user)
+            ->withSession(['auth.password_confirmed_at' => time()])
+            ->get(route('settings.two-factor'))
+            ->assertOk()
+            ->assertSee('Two Factor Authentication')
+            ->assertSee('Disabled');
+    }
+
+    public function test_two_factor_settings_page_requires_password_confirmation(): void
+    {
+        $user = User::factory()->create();
+
+        $response = $this->actingAs($user)
+            ->get(route('settings.two-factor'));
+
+        $response->assertRedirect(route('password.confirm'));
+    }
+
+    public function test_two_factor_settings_page_returns_forbidden_when_two_factor_is_disabled(): void
+    {
+        config(['fortify.features' => []]);
+
+        $user = User::factory()->create();
+
+        $response = $this->actingAs($user)
+            ->withSession(['auth.password_confirmed_at' => time()])
+            ->get(route('settings.two-factor'));
+
+        $response->assertForbidden();
+    }
+
+    public function test_enable_two_factor_sets_up_confirmation_flow_when_confirmation_required(): void
+    {
+        Features::twoFactorAuthentication([
+            'confirm' => true,
+            'confirmPassword' => false,
+        ]);
+
+        $user = User::factory()->create();
+
+        $this->actingAs($user);
+
+        $component = Volt::test('settings.two-factor')
+            ->call('enable');
+
+        $component->assertSet('twoFactorEnabled', false);
+        $this->assertNotEmpty($component->get('qrCodeSvg'));
+        $this->assertNotEmpty($component->get('manualSetupKey'));
+
+        $user->refresh();
+        $this->assertNotNull($user->two_factor_secret);
+        $this->assertNotNull($user->two_factor_recovery_codes);
+        $this->assertNull($user->two_factor_confirmed_at);
+    }
+
+    public function test_enable_two_factor_immediately_enables_when_confirmation_not_required(): void
+    {
+        Features::twoFactorAuthentication([
+            'confirm' => false,
+            'confirmPassword' => false,
+        ]);
+
+        $user = User::factory()->create();
+
+        $this->actingAs($user);
+
+        $component = Volt::test('settings.two-factor')
+            ->call('enable')
+            ->assertSet('twoFactorEnabled', true);
+
+        $this->assertNotEmpty($component->get('qrCodeSvg'));
+        $this->assertNotEmpty($component->get('manualSetupKey'));
+
+        $user->refresh();
+        $this->assertNotNull($user->two_factor_secret);
+        $this->assertNotNull($user->two_factor_recovery_codes);
+    }
+
+    public function test_two_factor_authentication_disabled_when_confirmation_abandoned_between_requests(): void
+    {
+        $user = User::factory()->create();
+
+        $user->forceFill([
+            'two_factor_secret' => encrypt('test-secret'),
+            'two_factor_recovery_codes' => encrypt(json_encode(['code1', 'code2'])),
+            'two_factor_confirmed_at' => null,
+        ])->save();
+
+        $this->actingAs($user);
+
+        $component = Volt::test('settings.two-factor');
+
+        $component->assertSet('twoFactorEnabled', false);
+
+        $this->assertDatabaseHas('users', [
+            'id' => $user->id,
+            'two_factor_secret' => null,
+            'two_factor_recovery_codes' => null,
+        ]);
+    }
+}