cjd/ai-web
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

init
Some checks failed
Tests / PHP 8.2 (push) Has been cancelled
Details
Tests / PHP 8.3 (push) Has been cancelled
Details
Tests / PHP 8.4 (push) Has been cancelled
Details

Browse Source
This commit is contained in:
jiangdong.cheng
2026-02-11 17:28:36 +08:00
parent dcb82557c7
commit aa16c9f8c2
162 changed files with 22333 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
tests/Feature/AdminAuthTest.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
declare(strict_types=1);
namespace Tests\Feature;
use Illuminate\Support\Facades\RateLimiter;
use Tests\TestCase;
class AdminAuthTest extends TestCase
{
public function test_admin_login_page_and_captcha_are_accessible(): void
{
$this->get('/admin/login')->assertOk();
$this->get('/admin/captcha')
->assertOk()
->assertHeader('Content-Type', 'image/png');
}
public function test_admin_can_login_with_valid_captcha_and_credentials(): void
{
config([
'app.admin_user' => 'admin',
'app.admin_password' => 'secret-pass',
]);
$captcha = 'ABCD1';
$response = $this
->withSession(['admin_captcha_hash' => hash('sha256', strtolower($captcha))])
->post('/admin/login', [
'username' => 'admin',
'password' => 'secret-pass',
'captcha' => $captcha,
]);
$response->assertRedirect(route('admin.dashboard'));
$this->assertTrue((bool) session('admin_authenticated'));
$this->assertSame('admin', session('admin_username'));
}
public function test_admin_login_is_rate_limited_when_too_many_attempts(): void
{
config([
'app.admin_user' => 'admin',
'app.admin_password' => 'secret-pass',
]);
$key = 'admin|127.0.0.1';
RateLimiter::clear($key);
for ($attempt = 0; $attempt < 5; $attempt++) {
RateLimiter::hit($key, 120);
}
$response = $this
->withServerVariables(['REMOTE_ADDR' => '127.0.0.1'])
->withSession(['admin_captcha_hash' => hash('sha256', 'abcde')])
->from('/admin/login')
->post('/admin/login', [
'username' => 'admin',
'password' => 'wrong',
'captcha' => 'ABCDE',
]);
$response->assertRedirect('/admin/login');
$response->assertSessionHasErrors(['username']);
RateLimiter::clear($key);
}
}