admin login validation added
This commit is contained in:
parent
d2c3564c26
commit
39fae18ef6
@ -21,15 +21,42 @@ public function showLogin()
|
||||
*/
|
||||
public function login(Request $request)
|
||||
{
|
||||
$credentials = $request->validate([
|
||||
$validator = \Illuminate\Support\Facades\Validator::make($request->all(), [
|
||||
'email' => ['required', 'email'],
|
||||
'password' => ['required'],
|
||||
], [
|
||||
'email.required' => 'Please enter your email address.',
|
||||
'email.email' => 'Please enter a valid email address.',
|
||||
'password.required' => 'Please enter your password.',
|
||||
]);
|
||||
|
||||
if ($validator->fails()) {
|
||||
return back()->withErrors($validator)->withInput($request->only('email'));
|
||||
}
|
||||
|
||||
$credentials = $validator->validated();
|
||||
|
||||
// Database-backed authentication check
|
||||
$user = \App\Models\User::where('email', $credentials['email'])->first();
|
||||
|
||||
if ($user && \Illuminate\Support\Facades\Hash::check($credentials['password'], $user->password) && $user->role === 'admin') {
|
||||
if (!$user) {
|
||||
return back()->withErrors([
|
||||
'email' => 'This email is not registered.',
|
||||
])->withInput($request->only('email'));
|
||||
}
|
||||
|
||||
if ($user->role !== 'admin') {
|
||||
return back()->withErrors([
|
||||
'email' => 'This email is not registered as an admin.',
|
||||
])->withInput($request->only('email'));
|
||||
}
|
||||
|
||||
if (!\Illuminate\Support\Facades\Hash::check($credentials['password'], $user->password)) {
|
||||
return back()->withErrors([
|
||||
'password' => 'The password you entered is incorrect.',
|
||||
])->withInput($request->only('email'));
|
||||
}
|
||||
|
||||
$request->session()->regenerate();
|
||||
|
||||
auth()->login($user);
|
||||
@ -44,11 +71,6 @@ public function login(Request $request)
|
||||
return redirect()->intended('/admin/dashboard');
|
||||
}
|
||||
|
||||
return back()->withErrors([
|
||||
'email' => 'The provided credentials do not match our records. (Use admin@example.com / password)',
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Log the admin out of the application.
|
||||
*/
|
||||
|
||||
@ -54,7 +54,7 @@ export default function Login() {
|
||||
<hr className="border-slate-100 mb-6" />
|
||||
|
||||
{/* Form */}
|
||||
<form onSubmit={handleSubmit} className="space-y-5">
|
||||
<form onSubmit={handleSubmit} noValidate className="space-y-5">
|
||||
<div>
|
||||
<label htmlFor="email" className="block text-sm font-medium text-gray-700 mb-1.5">
|
||||
Email Address
|
||||
|
||||
124
tests/Feature/AdminLoginTest.php
Normal file
124
tests/Feature/AdminLoginTest.php
Normal file
@ -0,0 +1,124 @@
|
||||
<?php
|
||||
|
||||
namespace Tests\Feature;
|
||||
|
||||
use App\Models\User;
|
||||
use Illuminate\Foundation\Testing\RefreshDatabase;
|
||||
use Tests\TestCase;
|
||||
|
||||
class AdminLoginTest extends TestCase
|
||||
{
|
||||
use RefreshDatabase;
|
||||
|
||||
/**
|
||||
* Test admin login page can be rendered.
|
||||
*/
|
||||
public function test_admin_can_view_login_page()
|
||||
{
|
||||
$response = $this->get('/admin/login');
|
||||
$response->assertStatus(200);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test admin login validation fails if email is invalid.
|
||||
*/
|
||||
public function test_admin_login_fails_if_email_is_invalid()
|
||||
{
|
||||
$response = $this->post('/admin/login', [
|
||||
'email' => 'invalid-email',
|
||||
'password' => 'password',
|
||||
]);
|
||||
|
||||
$response->assertSessionHasErrors(['email']);
|
||||
$this->assertEquals(
|
||||
'Please enter a valid email address.',
|
||||
session('errors')->get('email')[0]
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test admin login validation fails if email is not registered.
|
||||
*/
|
||||
public function test_admin_login_fails_if_email_is_not_registered()
|
||||
{
|
||||
$response = $this->post('/admin/login', [
|
||||
'email' => 'unregistered@example.com',
|
||||
'password' => 'password',
|
||||
]);
|
||||
|
||||
$response->assertSessionHasErrors(['email']);
|
||||
$this->assertEquals(
|
||||
'This email is not registered.',
|
||||
session('errors')->get('email')[0]
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test admin login validation fails if email is registered but not as an admin.
|
||||
*/
|
||||
public function test_admin_login_fails_if_user_is_not_an_admin()
|
||||
{
|
||||
User::create([
|
||||
'name' => 'Regular User',
|
||||
'email' => 'user@example.com',
|
||||
'password' => bcrypt('password'),
|
||||
'role' => 'employer', // Not admin
|
||||
]);
|
||||
|
||||
$response = $this->post('/admin/login', [
|
||||
'email' => 'user@example.com',
|
||||
'password' => 'password',
|
||||
]);
|
||||
|
||||
$response->assertSessionHasErrors(['email']);
|
||||
$this->assertEquals(
|
||||
'This email is not registered as an admin.',
|
||||
session('errors')->get('email')[0]
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test admin login validation fails if password is wrong.
|
||||
*/
|
||||
public function test_admin_login_fails_if_password_is_incorrect()
|
||||
{
|
||||
User::create([
|
||||
'name' => 'Admin User',
|
||||
'email' => 'admin_test@example.com',
|
||||
'password' => bcrypt('correct_password'),
|
||||
'role' => 'admin',
|
||||
]);
|
||||
|
||||
$response = $this->post('/admin/login', [
|
||||
'email' => 'admin_test@example.com',
|
||||
'password' => 'wrong_password',
|
||||
]);
|
||||
|
||||
$response->assertSessionHasErrors(['password']);
|
||||
$this->assertEquals(
|
||||
'The password you entered is incorrect.',
|
||||
session('errors')->get('password')[0]
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test admin login succeeds with correct credentials.
|
||||
*/
|
||||
public function test_admin_login_succeeds_with_correct_credentials()
|
||||
{
|
||||
$admin = User::create([
|
||||
'name' => 'Admin User',
|
||||
'email' => 'admin_test@example.com',
|
||||
'password' => bcrypt('correct_password'),
|
||||
'role' => 'admin',
|
||||
]);
|
||||
|
||||
$response = $this->post('/admin/login', [
|
||||
'email' => 'admin_test@example.com',
|
||||
'password' => 'correct_password',
|
||||
]);
|
||||
|
||||
$response->assertRedirect('/admin/dashboard');
|
||||
$this->assertAuthenticatedAs($admin);
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user