diff --git a/.env.dusk b/.env.dusk new file mode 100644 index 000000000..4c8e50527 --- /dev/null +++ b/.env.dusk @@ -0,0 +1,26 @@ +APP_ENV=local +APP_DEBUG=false +APP_KEY=NDWgIKKi9ovNK1PXZpzfNVSBdfCXGb5i +APP_JWT_KEY=test1234 +APP_TIMEZONE=America/Los_Angeles +APP_URL=http://pterodactyl.local + +CACHE_DRIVER=file +SESSION_DRIVER=file + +HASHIDS_SALT=IqRr0g82tCTeuyxGs8RV +HASHIDS_LENGTH=8 + +MAIL_DRIVER=log +MAIL_FROM=support@pterodactyl.io +QUEUE_DRIVER=array + +APP_SERVICE_AUTHOR=testing@pterodactyl.io +MAIL_FROM_NAME="Pterodactyl Panel" +RECAPTCHA_ENABLED=false + +DB_CONNECTION=testing +TESTING_DB_HOST=services.pterodactyl.local +TESTING_DB_DATABASE=panel_test +TESTING_DB_USERNAME=panel_test +TESTING_DB_PASSWORD=Test1234 diff --git a/composer.json b/composer.json index d922ebad4..e36bb6797 100644 --- a/composer.json +++ b/composer.json @@ -48,6 +48,7 @@ "filp/whoops": "^2.1", "friendsofphp/php-cs-fixer": "^2.11.1", "fzaninotto/faker": "^1.6", + "laravel/dusk": "^3.0", "martinlindhe/laravel-vue-i18n-generator": "^0.1.28", "mockery/mockery": "^1.0", "nunomaduro/collision": "^2.0", @@ -68,6 +69,7 @@ }, "autoload-dev": { "psr-4": { + "Pterodactyl\\Tests\\Browser\\": "tests/Browser", "Pterodactyl\\Tests\\Integration\\": "tests/Integration", "Tests\\": "tests/" } diff --git a/composer.lock b/composer.lock index 80cf8495e..fb9a2d822 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "f84af54d009a128472ca7e19a50fccf8", + "content-hash": "069ebb3ec35c8b309b129189106ad45a", "packages": [ { "name": "appstract/laravel-blade-directives", @@ -4692,6 +4692,66 @@ ], "time": "2017-07-22T11:58:36+00:00" }, + { + "name": "facebook/webdriver", + "version": "1.6.0", + "source": { + "type": "git", + "url": "https://github.com/facebook/php-webdriver.git", + "reference": "bd8c740097eb9f2fc3735250fc1912bc811a954e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/facebook/php-webdriver/zipball/bd8c740097eb9f2fc3735250fc1912bc811a954e", + "reference": "bd8c740097eb9f2fc3735250fc1912bc811a954e", + "shasum": "" + }, + "require": { + "ext-curl": "*", + "ext-json": "*", + "ext-mbstring": "*", + "ext-zip": "*", + "php": "^5.6 || ~7.0", + "symfony/process": "^2.8 || ^3.1 || ^4.0" + }, + "require-dev": { + "friendsofphp/php-cs-fixer": "^2.0", + "jakub-onderka/php-parallel-lint": "^0.9.2", + "php-coveralls/php-coveralls": "^2.0", + "php-mock/php-mock-phpunit": "^1.1", + "phpunit/phpunit": "^5.7", + "sebastian/environment": "^1.3.4 || ^2.0 || ^3.0", + "squizlabs/php_codesniffer": "^2.6", + "symfony/var-dumper": "^3.3 || ^4.0" + }, + "suggest": { + "ext-SimpleXML": "For Firefox profile creation" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-community": "1.5-dev" + } + }, + "autoload": { + "psr-4": { + "Facebook\\WebDriver\\": "lib/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "description": "A PHP client for Selenium WebDriver", + "homepage": "https://github.com/facebook/php-webdriver", + "keywords": [ + "facebook", + "php", + "selenium", + "webdriver" + ], + "time": "2018-05-16T17:37:13+00:00" + }, { "name": "filp/whoops", "version": "2.1.14", @@ -5002,6 +5062,67 @@ ], "time": "2016-02-11T16:21:17+00:00" }, + { + "name": "laravel/dusk", + "version": "v3.0.8", + "source": { + "type": "git", + "url": "https://github.com/laravel/dusk.git", + "reference": "c6201427e63b869b0c1ee83d91c1d1958b71968e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/laravel/dusk/zipball/c6201427e63b869b0c1ee83d91c1d1958b71968e", + "reference": "c6201427e63b869b0c1ee83d91c1d1958b71968e", + "shasum": "" + }, + "require": { + "facebook/webdriver": "~1.0", + "illuminate/console": "~5.6", + "illuminate/support": "~5.6", + "nesbot/carbon": "~1.20", + "php": ">=7.1.0", + "symfony/console": "~4.0", + "symfony/process": "~4.0" + }, + "require-dev": { + "mockery/mockery": "~1.0", + "phpunit/phpunit": "~7.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.0-dev" + }, + "laravel": { + "providers": [ + "Laravel\\Dusk\\DuskServiceProvider" + ] + } + }, + "autoload": { + "psr-4": { + "Laravel\\Dusk\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Taylor Otwell", + "email": "taylor@laravel.com" + } + ], + "description": "Laravel Dusk provides simple end-to-end testing and browser automation.", + "keywords": [ + "laravel", + "testing", + "webdriver" + ], + "time": "2018-04-29T19:15:23+00:00" + }, { "name": "martinlindhe/laravel-vue-i18n-generator", "version": "0.1.28", diff --git a/phpunit.xml b/phpunit.xml index 0b67ad6ea..1bf73c4c6 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -10,6 +10,9 @@ processIsolation="false" stopOnFailure="false"> + + ./tests/Browser/Processes + ./tests/Integration diff --git a/resources/assets/scripts/bootstrap.js b/resources/assets/scripts/bootstrap.js index 562a7adf3..05dccd8e8 100644 --- a/resources/assets/scripts/bootstrap.js +++ b/resources/assets/scripts/bootstrap.js @@ -17,8 +17,8 @@ try { */ window.axios = require('axios'); - window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest'; +window.axios.defaults.headers.common['Accept'] = 'application/json'; window.axios.defaults.headers.common['Authorization'] = 'Bearer ' + localStorage.token || ''; if (typeof phpdebugbar !== 'undefined') { diff --git a/resources/assets/scripts/components/auth/ForgotPassword.vue b/resources/assets/scripts/components/auth/ForgotPassword.vue index e06fa40b4..5a5dc42b8 100644 --- a/resources/assets/scripts/components/auth/ForgotPassword.vue +++ b/resources/assets/scripts/components/auth/ForgotPassword.vue @@ -5,13 +5,14 @@ >
- - +

{{ $t('auth.forgot_password.label_help') }}

@@ -25,6 +26,7 @@
{{ $t('auth.go_to_login') }} @@ -68,6 +70,10 @@ email: this.$props.email, }) .then(function (response) { + if (!(response.data instanceof Object)) { + throw new Error('An error was encountered while processing this request.'); + } + self.$data.submitDisabled = false; self.$data.showSpinner = false; self.success(response.data.status); diff --git a/resources/assets/scripts/components/auth/LoginForm.vue b/resources/assets/scripts/components/auth/LoginForm.vue index bd217c26e..39708ec2e 100644 --- a/resources/assets/scripts/components/auth/LoginForm.vue +++ b/resources/assets/scripts/components/auth/LoginForm.vue @@ -5,29 +5,30 @@ >
- - +
- - +
-
- {{ $t('auth.forgot_password.label') }} @@ -81,6 +82,12 @@ password: this.$props.user.password, }) .then(function (response) { + // If there is a 302 redirect or some other odd behavior (basically, response that isnt + // in JSON format) throw an error and don't try to continue with the login. + if (!(response.data instanceof Object)) { + throw new Error('An error was encountered while processing this request.'); + } + if (response.data.complete) { localStorage.setItem('token', response.data.token); self.$store.dispatch('login'); @@ -94,6 +101,7 @@ .catch(function (err) { self.$props.user.password = ''; self.$data.showSpinner = false; + self.$refs.password.focus(); self.$store.dispatch('logout'); if (!err.response) { @@ -105,7 +113,6 @@ response.data.errors.forEach(function (error) { self.error(error.detail); }); - self.$refs.password.focus(); } }); }, diff --git a/resources/assets/scripts/components/auth/ResetPassword.vue b/resources/assets/scripts/components/auth/ResetPassword.vue index 2a7cf17a6..cda6716ac 100644 --- a/resources/assets/scripts/components/auth/ResetPassword.vue +++ b/resources/assets/scripts/components/auth/ResetPassword.vue @@ -93,6 +93,10 @@ token: this.$props.token, }) .then(function (response) { + if (!(response.data instanceof Object)) { + throw new Error('An error was encountered while processing this login.'); + } + return window.location = response.data.redirect_to; }) .catch(function (err) { diff --git a/resources/assets/scripts/components/auth/TwoFactorForm.vue b/resources/assets/scripts/components/auth/TwoFactorForm.vue index e42df8451..21f9cddfe 100644 --- a/resources/assets/scripts/components/auth/TwoFactorForm.vue +++ b/resources/assets/scripts/components/auth/TwoFactorForm.vue @@ -37,6 +37,10 @@ }; }, mounted: function () { + if ((this.$route.query.token || '').length < 1) { + return this.$router.push({ name: 'login' }); + } + this.$refs.code.focus(); }, methods: { @@ -49,8 +53,13 @@ authentication_code: this.$data.code, }) .then(function (response) { + if (!(response.data instanceof Object)) { + throw new Error('An error was encountered while processing this login.'); + } + localStorage.setItem('token', response.data.token); self.$store.dispatch('login'); + window.location = response.data.intended; }) .catch(function (err) { diff --git a/resources/assets/scripts/routes.js b/resources/assets/scripts/routes.js index 64b255463..df2440e3f 100644 --- a/resources/assets/scripts/routes.js +++ b/resources/assets/scripts/routes.js @@ -7,7 +7,7 @@ import ResetPassword from './components/auth/ResetPassword'; export const routes = [ { name: 'login', path: '/auth/login', component: Login }, { name: 'forgot-password', path: '/auth/password', component: Login }, - { name: 'checkpoint', path: '/checkpoint', component: Login }, + { name: 'checkpoint', path: '/auth/checkpoint', component: Login }, { name: 'reset-password', path: '/auth/password/reset/:token', diff --git a/tests/Browser/BrowserTestCase.php b/tests/Browser/BrowserTestCase.php new file mode 100644 index 000000000..dd96930a8 --- /dev/null +++ b/tests/Browser/BrowserTestCase.php @@ -0,0 +1,64 @@ +addArguments([ + '--disable-gpu', + '--disable-infobars', + ]); + + return RemoteWebDriver::create( + 'http://services.pterodactyl.local:4444/wd/hub', DesiredCapabilities::chrome()->setCapability( + ChromeOptions::CAPABILITY, $options + ) + ); + } + + /** + * Return an instance of the browser to be used for tests. + * + * @param \Facebook\WebDriver\Remote\RemoteWebDriver $driver + * @return \Pterodactyl\Tests\Browser\PterodactylBrowser + */ + protected function newBrowser($driver): PterodactylBrowser + { + return new PterodactylBrowser($driver); + } +} diff --git a/tests/Browser/Pages/BasePage.php b/tests/Browser/Pages/BasePage.php new file mode 100644 index 000000000..7d8efb513 --- /dev/null +++ b/tests/Browser/Pages/BasePage.php @@ -0,0 +1,16 @@ + '#grid-email', + '@username' => '#grid-username', + '@password' => '#grid-password', + '@loginButton' => '#grid-login-button', + '@submitButton' => 'button.btn.btn-jumbo[type="submit"]', + '@forgotPassword' => 'a[href="/auth/password"][aria-label="Forgot password"]', + '@goToLogin' => 'a[href="/auth/login"][aria-label="Go to login"]', + '@alertSuccess' => 'div[role="alert"].success > span.message', + '@alertDanger' => 'div[role="alert"].danger > span.message', + ]; + } +} diff --git a/tests/Browser/Processes/Authentication/ForgotPasswordProcessTest.php b/tests/Browser/Processes/Authentication/ForgotPasswordProcessTest.php new file mode 100644 index 000000000..ab8c9bc8a --- /dev/null +++ b/tests/Browser/Processes/Authentication/ForgotPasswordProcessTest.php @@ -0,0 +1,50 @@ +browse(function (PterodactylBrowser $browser) { + $browser->visit(new LoginPage) + ->assertSee(trans('auth.forgot_password.label')) + ->click('@forgotPassword') + ->waitForLocation('/auth/password') + ->assertFocused('@email') + ->assertSeeIn('.input-open > p.text-xs', trans('auth.forgot_password.label_help')) + ->assertSeeIn('@submitButton', trans('auth.forgot_password.button')) + ->type('@email', 'unassociated@example.com') + ->assertSeeIn('@goToLogin', trans('auth.go_to_login')) + ->press('@submitButton') + ->waitForLocation('/auth/login') + ->assertSeeIn('div[role="alert"].success > span.message', 'We have e-mailed your password reset link!') + ->assertFocused('@username') + ->assertValue('@username', 'unassociated@example.com'); + }); + } + + /** + * Test that you can type in your email address and then click forgot password and have + * the email maintained on the new page. + */ + public function testEmailCarryover() + { + $this->browse(function (PterodactylBrowser $browser) { + $browser->visit(new LoginPage) + ->type('@username', 'dane@example.com') + ->click('@forgotPassword') + ->waitForLocation('/auth/password') + ->assertFocused('@email') + ->assertValue('@email', 'dane@example.com'); + }); + } +} diff --git a/tests/Browser/Processes/Authentication/LoginProcessTest.php b/tests/Browser/Processes/Authentication/LoginProcessTest.php new file mode 100644 index 000000000..1e0f8a0be --- /dev/null +++ b/tests/Browser/Processes/Authentication/LoginProcessTest.php @@ -0,0 +1,88 @@ +user = factory(User::class)->create([ + 'email' => 'test@example.com', + 'password' => Hash::make('Password123'), + ]); + } + + /** + * Test that a user can login successfully using their email address. + */ + public function testLoginUsingEmail() + { + $this->browse(function (PterodactylBrowser $browser) { + $browser->visit(new LoginPage) + ->waitFor('@username') + ->type('@username', 'test@example.com') + ->type('@password', 'Password123') + ->click('@loginButton') + ->waitForReload() + ->assertPathIs('/') + ->assertAuthenticatedAs($this->user); + }); + } + + /** + * Test that a user can login successfully using their username. + */ + public function testLoginUsingUsername() + { + $this->browse(function (PterodactylBrowser $browser) { + $browser->visit(new LoginPage) + ->waitFor('@username') + ->type('@username', $this->user->username) + ->type('@password', 'Password123') + ->click('@loginButton') + ->waitForReload() + ->assertPathIs('/') + ->assertAuthenticatedAs($this->user); + }); + } + + /** + * Test that entering the wrong password shows the expected error and then allows + * us to login without clearing the username field. + */ + public function testLoginWithErrors() + { + $this->browse(function (PterodactylBrowser $browser) { + $browser->logout() + ->visit(new LoginPage()) + ->waitFor('@username') + ->type('@username', 'test@example.com') + ->type('@password', 'invalid') + ->click('@loginButton') + ->waitFor('.alert.error') + ->assertSeeIn('.alert.error', trans('auth.failed')) + ->assertValue('@username', 'test@example.com') + ->assertValue('@password', '') + ->assertFocused('@password') + ->type('@password', 'Password123') + ->keys('@password', [WebDriverKeys::ENTER]) + ->waitForReload() + ->assertPathIs('/') + ->assertAuthenticatedAs($this->user); + }); + } +} diff --git a/tests/Browser/PterodactylBrowser.php b/tests/Browser/PterodactylBrowser.php new file mode 100644 index 000000000..57a790844 --- /dev/null +++ b/tests/Browser/PterodactylBrowser.php @@ -0,0 +1,41 @@ +assertSeeIn('', $text); + } + + /** + * Perform a case insensitive search for a string in a given selector. + * + * @param string $selector + * @param string $text + * @return \Pterodactyl\Tests\Browser\PterodactylBrowser + */ + public function assertSeeIn($selector, $text) + { + $fullSelector = $this->resolver->format($selector); + $element = $this->resolver->findOrFail($selector); + + PHPUnit::assertTrue( + Str::contains(mb_strtolower($element->getText()), mb_strtolower($text)), + "Did not see expected text [{$text}] within element [{$fullSelector}] using case-insensitive search." + ); + + return $this; + } +} diff --git a/tests/Browser/console/.gitignore b/tests/Browser/console/.gitignore new file mode 100644 index 000000000..d6b7ef32c --- /dev/null +++ b/tests/Browser/console/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore diff --git a/tests/Browser/screenshots/.gitignore b/tests/Browser/screenshots/.gitignore new file mode 100644 index 000000000..d6b7ef32c --- /dev/null +++ b/tests/Browser/screenshots/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore