Skip to content

Commit

Permalink
feat: add signed middleware to login link
Browse files Browse the repository at this point in the history
  • Loading branch information
@pushpak1300
pushpak1300 committed Feb 3, 2025
1 parent e5afc3f commit 5e79f89
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 5 deletions.
3 changes: 3 additions & 0 deletions composer.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,9 @@
"analyse": [
"./vendor/bin/phpstan analyse -c phpstan.neon --ansi"
],
"test": [
"./vendor/bin/pest --parallel"
],
"format": [
"./vendor/bin/pint --ansi",
"./vendor/bin/rector --ansi"
Expand Down
4 changes: 3 additions & 1 deletion routes/web.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,9 @@ function () {
// Magic Link
Route::middleware('throttle:login-link')->group(function () {
Route::post('/login-link', [LoginLinkController::class, 'store'])->name('login-link.store');
Route::get('/login-link/{token}', [LoginLinkController::class, 'login'])->name('login-link.login');
Route::get('/login-link/{token}', [LoginLinkController::class, 'login'])
->name('login-link.login')
->middleware('signed');
});
}
);
Expand Down
11 changes: 7 additions & 4 deletions tests/Feature/Controllers/User/LoginLinkControllerTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
use App\Models\User;
use App\Models\LoginLink;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\URL;
use App\Notifications\LoginLinkMail;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Notification;
Expand Down Expand Up @@ -93,7 +94,9 @@

Str::createRandomStringsNormally();

$response = get(route('login-link.login', ['token' => 'fake-random-string']));
$url = URL::signedRoute('login-link.login', ['token' => 'fake-random-string']);

$response = get($url);

$response->assertRedirect(route('dashboard'));

Expand All @@ -108,7 +111,7 @@

$response = get(route('login-link.login', ['token' => 'fake-random-string']));

$response->assertNotFound();
$response->assertForbidden();

assertGuest();
});
Expand All @@ -122,15 +125,15 @@

$response = get(route('login-link.login', ['token' => 'fake-random-string']));

$response->assertNotFound();
$response->assertForbidden();

assertGuest();
});

it('fails with invalid token', function (): void {
$response = get(route('login-link.login', ['token' => 'invalid-token']));

$response->assertNotFound();
$response->assertForbidden();

assertGuest();
});
Expand Down

0 comments on commit 5e79f89

Please sign in to comment.