Getting tests to pass

Author: tnylea

.DS_Store

@@ -7,6 +7,7 @@
 /storage/*.key
 /storage/pail
 /vendor
+.DS_Store
 .env
 .env.backup
 .env.production

.gitignore

@@ -64,16 +64,21 @@ public function store(Request $request)
 
         // Handle recovery code
         if ($request->filled('recovery_code')) {
-            $recoveryCodes = $user->recoveryCodes();
+            $recoveryCodes = json_decode(decrypt($user->two_factor_recovery_codes), true);
             $provided = $request->recovery_code;
             $match = collect($recoveryCodes)->first(function ($code) use ($provided) {
                 return hash_equals($code, $provided);
             });
             if (! $match) {
                 return back()->withErrors(['recovery_code' => __('The provided two factor authentication recovery code was invalid.')]);
             }
-            // Remove used recovery code
-            $user->replaceRecoveryCode($match);
+            // Remove used recovery code using the ProcessRecoveryCode action
+            $updatedCodes = app(\App\Actions\TwoFactorAuth\ProcessRecoveryCode::class)($recoveryCodes, $match);
+            if ($updatedCodes === false) {
+                return back()->withErrors(['recovery_code' => __('The provided two factor authentication recovery code was invalid.')]);
+            }
+            $user->two_factor_recovery_codes = encrypt(json_encode($updatedCodes));
+            $user->save();
             Auth::login($user, $request->session()->get('login.remember', false));
             $request->session()->regenerate();
             $request->session()->forget(['login.id', 'login.remember']);

app/Http/Controllers/Auth/TwoFactorAuthenticatedSessionController.php

@@ -4,7 +4,7 @@
 
 use App\Models\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
-use Livewire\Volt\Volt as LivewireVolt;
+// Removed LivewireVolt import; not needed for React stack tests.
 use Tests\TestCase;
 use App\Actions\TwoFactorAuth\GenerateQrCodeAndSecretKey;
 use App\Actions\TwoFactorAuth\GenerateNewRecoveryCodes;
@@ -23,23 +23,32 @@ public function test_can_view_two_factor_settings_page()
             ->get('/settings/two-factor');
 
         $response->assertStatus(200);
-        $response->assertSee('Two Factor Authentication');
-        $response->assertSee('Disabled');
+
+        // Check Inertia props instead of HTML
+        $inertiaProps = $response->original?->getData() ?? [];
+        if (isset($inertiaProps['page']['props'])) {
+            $props = $inertiaProps['page']['props'];
+            $this->assertArrayHasKey('enabled', $props);
+            $this->assertArrayHasKey('confirmed', $props);
+            $this->assertArrayHasKey('recoveryCodes', $props);
+            $this->assertFalse($props['enabled']);
+            $this->assertFalse($props['confirmed']);
+        } else {
+            // Fallback: check for expected strings in HTML (legacy/SSR)
+            $response->assertSee('Two Factor Authentication');
+            $response->assertSee('Disabled');
+        }
     }
 
     public function test_can_enable_two_factor_authentication()
     {
         $user = User::factory()->create();
-
         $this->actingAs($user);
-        
-        $component = LivewireVolt::test('settings.two-factor')
-            ->call('enable')
-            ->assertSet('enabled', true);
-            
-        $this->assertTrue($component->enabled);
-        
-        // Verify the database was updated with two-factor secret and recovery codes
+
+        // Simulate enabling 2FA via POST
+        $response = $this->post('/settings/two-factor');
+        $response->assertRedirect(); // Should redirect after enabling
+
         $user->refresh();
         $this->assertNotNull($user->two_factor_secret);
         $this->assertNotNull($user->two_factor_recovery_codes);
@@ -69,8 +78,20 @@ public function test_can_manually_enable_two_factor_authentication()
             ->get('/settings/two-factor');
 
         $response->assertStatus(200);
-        $response->assertSee('Enabled');
-        $response->assertSee('2FA Recovery Codes');
+        // For Inertia/React, check the JSON response props instead of HTML content
+        $inertiaProps = $response->original?->getData() ?? [];
+        if (isset($inertiaProps['page']['props'])) {
+            $props = $inertiaProps['page']['props'];
+            $this->assertTrue(
+                ($props['enabled'] ?? false) === true,
+                '2FA should be enabled in page props.'
+            );
+            $this->assertArrayHasKey('recoveryCodes', $props);
+        } else {
+            // Fallback: check for expected strings in HTML (for legacy Inertia SSR)
+            $response->assertSee('Enabled');
+            $response->assertSee('2FA Recovery Codes');
+        }
     }
 
     public function test_user_with_two_factor_enabled_is_redirected_to_challenge_page_after_login()
@@ -93,17 +114,15 @@ public function test_user_with_two_factor_enabled_is_redirected_to_challenge_pag
         ])->save();
 
         // Attempt to login and check for redirect
-        $component = LivewireVolt::test('auth.login')
-            ->set('email', $user->email)
-            ->set('password', 'password')
-            ->call('login');
-            
-        // Check for redirect to two-factor challenge page
-        $component->assertRedirect('/two-factor-challenge');
-        
+        $response = $this->post('/login', [
+            'email' => $user->email,
+            'password' => 'password',
+        ]);
+        $response->assertRedirect('/two-factor-challenge');
+
         // Also verify the session has the login.id value set
-        $this->assertTrue(Session::has('login.id'));
-        $this->assertEquals($user->id, Session::get('login.id'));
+        $this->assertTrue(session()->has('login.id'));
+        $this->assertEquals($user->id, session('login.id'));
     }
 
     public function test_can_authenticate_with_recovery_code()
@@ -131,20 +150,20 @@ public function test_can_authenticate_with_recovery_code()
         // Get the first recovery code
         $recoveryCode = $recoveryCodes[0];
 
-        // Test authentication with recovery code
-        $component = LivewireVolt::test('auth.two-factor-challenge')
-            ->set('recovery', true)
-            ->set('recovery_code', $recoveryCode)
-            ->call('submit_recovery_code');
+        // Test authentication with recovery code via POST
+        $response = $this->post('/two-factor-challenge', [
+            'recovery_code' => $recoveryCode,
+        ]);
+        $response->assertRedirect('/dashboard');
 
         // Verify the recovery code was removed
         $user->refresh();
         $updatedRecoveryCodes = json_decode(decrypt($user->two_factor_recovery_codes));
         $this->assertCount(count($recoveryCodes) - 1, $updatedRecoveryCodes);
         $this->assertNotContains($recoveryCode, $updatedRecoveryCodes);
-        
+
         // Verify the session was cleared
-        $this->assertFalse(Session::has('login.id'));
+        $this->assertFalse(session()->has('login.id'));
     }
 
     public function test_unauthenticated_user_is_redirected_to_login_when_accessing_two_factor_challenge()
@@ -230,9 +249,10 @@ public function test_can_disable_two_factor_authentication()
         // Test disabling 2FA
         $this->actingAs($user);
 
-        $component = LivewireVolt::test('settings.two-factor');
-        $component->call('disable');
-        
+        // Simulate disabling 2FA via DELETE
+        $response = $this->delete('/settings/two-factor');
+        $response->assertRedirect();
+
         // Verify the user's 2FA settings were cleared
         $user->refresh();
         $this->assertNull($user->two_factor_secret);