local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 51 Pull requests 13 Projects 1 Releases Packages 1 Activity Actions
mitgliederverwaltung/test/mv_web/controllers/auth_controller_test.exs
Moritz 8507109631
All checks were successful
continuous-integration/drone/push Build is passing
Details
feat: test authentication
2025-07-31 14:18:36 +02:00

192 lines
5.4 KiB
Elixir
Raw Blame History

defmodule MvWeb.AuthControllerTest do
use MvWeb.ConnCase, async: true
import Phoenix.LiveViewTest
# Basic UI tests
test "GET /sign-in shows sign in form", %{conn: conn} do
conn = get(conn, ~p"/sign-in")
assert html_response(conn, 200) =~ "Sign in"
end
test "GET /sign-out redirects to home", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = get(conn, ~p"/sign-out")
assert redirected_to(conn) == ~p"/"
end
# Password authentication (LiveView)
test "password user can sign in with valid credentials via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "password@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "password@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
test "password user with invalid credentials shows error via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "test@example.com",
password: "correct_password",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
html =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "test@example.com", password: "wrong_password"}
)
|> render_submit()
assert html =~ "Email or password was incorrect"
end
test "password user with non-existent email shows error via LiveView", %{conn: conn} do
{:ok, view, _html} = live(conn, "/sign-in")
html =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "nonexistent@example.com", password: "anypassword"}
)
|> render_submit()
assert html =~ "Email or password was incorrect"
end
# Registration (LiveView)
test "user can register with valid credentials via LiveView", %{conn: conn} do
{:ok, view, _html} = live(conn, "/register")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-register-with-password-wrapper form",
user: %{email: "newuser@example.com", password: "newpassword123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
test "registration with existing email shows error via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "existing@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/register")
html =
view
|> form("#user-password-register-with-password-wrapper form",
user: %{email: "existing@example.com", password: "anotherpassword"}
)
|> render_submit()
assert html =~ "has already been taken"
end
test "registration with weak password shows error via LiveView", %{conn: conn} do
{:ok, view, _html} = live(conn, "/register")
html =
view
|> form("#user-password-register-with-password-wrapper form",
user: %{email: "weakpass@example.com", password: "123"}
)
|> render_submit()
assert html =~ "length must be greater than or equal to 8"
end
# Access control
test "unauthenticated user accessing protected route gets redirected to sign-in", %{conn: conn} do
conn = get(conn, ~p"/members")
assert redirected_to(conn) == ~p"/sign-in"
end
test "authenticated user can access protected route", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = get(conn, ~p"/members")
assert conn.status == 200
end
test "password authenticated user can access protected route via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "auth@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "auth@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
# After login, user is redirected to /auth/user/password/sign_in_with_token. Session handling for protected routes should be tested in integration or E2E tests.
end
# Edge cases
test "user with nil oidc_id can still sign in with password via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "nil_oidc@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "nil_oidc@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
test "user with empty string oidc_id is handled correctly via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "empty_oidc@example.com",
password: "secret123",
oidc_id: ""
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "empty_oidc@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
end
Reference in a new issue View git blame Copy permalink