Merge branch 'main' into feat/two-factor-auth

pushpak1300 · pushpak1300 · commit 3c0bbaa5f7da · 2025-09-02T21:23:18.000+05:30
# Conflicts:
#	tests/Feature/Auth/AuthenticationTest.php
#	tests/Feature/Auth/PasswordResetTest.php
diff --git a/config/database.php b/config/database.php
@@ -158,6 +158,10 @@
             'password' => env('REDIS_PASSWORD'),
             'port' => env('REDIS_PORT', '6379'),
             'database' => env('REDIS_DB', '0'),
+            'max_retries' => env('REDIS_MAX_RETRIES', 3),
+            'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
+            'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
+            'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
         ],
 
         'cache' => [
@@ -167,6 +171,10 @@
             'password' => env('REDIS_PASSWORD'),
             'port' => env('REDIS_PORT', '6379'),
             'database' => env('REDIS_CACHE_DB', '1'),
+            'max_retries' => env('REDIS_MAX_RETRIES', 3),
+            'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
+            'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
+            'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
         ],
 
     ],
diff --git a/tests/Feature/Auth/AuthenticationTest.php b/tests/Feature/Auth/AuthenticationTest.php
@@ -4,6 +4,7 @@
 
 use App\Models\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Support\Facades\RateLimiter;
 use Laravel\Fortify\Features;
 use Tests\TestCase;
 
@@ -100,14 +101,7 @@ public function test_users_are_rate_limited()
     {
         $user = User::factory()->create();
 
-        for ($i = 0; $i < 5; $i++) {
-            $this->post(route('login.store'), [
-                'email' => $user->email,
-                'password' => 'wrong-password',
-            ])->assertStatus(302)->assertSessionHasErrors([
-                'email' => 'These credentials do not match our records.',
-            ]);
-        }
+        RateLimiter::increment(implode('|', [$user->email, '127.0.0.1']), amount: 10);
 
         $response = $this->post(route('login.store'), [
             'email' => $user->email,
diff --git a/tests/Feature/Auth/EmailVerificationTest.php b/tests/Feature/Auth/EmailVerificationTest.php
@@ -45,6 +45,8 @@ public function test_email_is_not_verified_with_invalid_hash()
     {
         $user = User::factory()->unverified()->create();
 
+        Event::fake();
+
         $verificationUrl = URL::temporarySignedRoute(
             'verification.verify',
             now()->addMinutes(60),
@@ -53,14 +55,15 @@ public function test_email_is_not_verified_with_invalid_hash()
 
         $this->actingAs($user)->get($verificationUrl);
 
+        Event::assertNotDispatched(Verified::class);
         $this->assertFalse($user->fresh()->hasVerifiedEmail());
     }
 
     public function test_email_is_not_verified_with_invalid_user_id(): void
     {
-        $user = User::factory()->create([
-            'email_verified_at' => null,
-        ]);
+        $user = User::factory()->unverified()->create();
+
+        Event::fake();
 
         $verificationUrl = URL::temporarySignedRoute(
             'verification.verify',
@@ -70,25 +73,25 @@ public function test_email_is_not_verified_with_invalid_user_id(): void
 
         $this->actingAs($user)->get($verificationUrl);
 
+        Event::assertNotDispatched(Verified::class);
         $this->assertFalse($user->fresh()->hasVerifiedEmail());
     }
 
     public function test_verified_user_is_redirected_to_dashboard_from_verification_prompt(): void
     {
-        $user = User::factory()->create([
-            'email_verified_at' => now(),
-        ]);
+        $user = User::factory()->create();
+
+        Event::fake();
 
         $response = $this->actingAs($user)->get(route('verification.notice'));
 
+        Event::assertNotDispatched(Verified::class);
         $response->assertRedirect(route('dashboard', absolute: false));
     }
 
     public function test_already_verified_user_visiting_verification_link_is_redirected_without_firing_event_again(): void
     {
-        $user = User::factory()->create([
-            'email_verified_at' => now(),
-        ]);
+        $user = User::factory()->create();
 
         Event::fake();
 
@@ -101,7 +104,7 @@ public function test_already_verified_user_visiting_verification_link_is_redirec
         $this->actingAs($user)->get($verificationUrl)
             ->assertRedirect(route('dashboard', absolute: false).'?verified=1');
 
-        $this->assertTrue($user->fresh()->hasVerifiedEmail());
         Event::assertNotDispatched(Verified::class);
+        $this->assertTrue($user->fresh()->hasVerifiedEmail());
     }
 }
diff --git a/tests/Feature/Auth/PasswordResetTest.php b/tests/Feature/Auth/PasswordResetTest.php
@@ -39,16 +39,9 @@ public function test_reset_password_screen_can_be_rendered()
         $this->post(route('password.email'), ['email' => $user->email]);
 
         Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) {
-            $response = $this->get(route('password.reset', $notification->token).'?email='.$user->email);
-
-            $response->assertStatus(200)
-                ->assertInertia(fn ($page) => $page
-                    ->component('auth/ResetPassword')
-                    ->has('email')
-                    ->has('token')
-                    ->where('email', $user->email)
-                    ->where('token', $notification->token)
-                );
+            $response = $this->get(route('password.reset', $notification->token));
+
+            $response->assertStatus(200);
 
             return true;
         });
diff --git a/tests/Feature/Auth/VerificationNotificationTest.php b/tests/Feature/Auth/VerificationNotificationTest.php
@@ -16,9 +16,7 @@ public function test_sends_verification_notification(): void
     {
         Notification::fake();
 
-        $user = User::factory()->create([
-            'email_verified_at' => null,
-        ]);
+        $user = User::factory()->unverified()->create();
 
         $this->actingAs($user)
             ->post(route('verification.send'))
@@ -31,9 +29,7 @@ public function test_does_not_send_verification_notification_if_email_is_verifie
     {
         Notification::fake();
 
-        $user = User::factory()->create([
-            'email_verified_at' => now(),
-        ]);
+        $user = User::factory()->create();
 
         $this->actingAs($user)
             ->post(route('verification.send'))
