[tests] Added password recovery tests

tests/Feature/PasswordResetTest.php

+<?php
+
+namespace Tests\Feature;
+
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Foundation\Testing\WithFaker;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\URL;
+use Tests\TestCase;
+
+class PasswordResetTest extends TestCase
+{
+    use RefreshDatabase;
+
+    public function test_good()
+    {
+        $user = User::create([
+            'username' => 'test',
+            'email' => 'test@localhost',
+            'password' => Hash::make('test'),
+        ]);
+
+        $response = $this->get(URL::signedRoute('verification.verify', ['id' => $user->id, 'hash' => 'aaa']));
+        $response->assertStatus(200);
+
+        $response = $this->postJson('/api/auth/recover', [
+            "email" => "test@localhost"
+        ]);
+
+        $response->assertStatus(204);
+
+        DB::table('password_resets')->where('email', 'test@localhost')
+            ->update(['token' => Hash::make('test')]);
+        
+        $this->get('/recover/test')->assertStatus(200);
+
+        $response = $this->post('/reset-password', [
+            "email" => "test@localhost",
+            "token" => "test",
+            "password" => "testtest",
+            "password_confirmation" => "testtest"
+        ]);
+        $response->assertStatus(200);
+
+        $response = $this->postJson("/api/auth/login", [
+            "email" => "test@localhost",
+            "password" => "testtest",
+        ]);
+        $response->assertStatus(200);
+    }
+
+    public function test_invalid_user()
+    {
+        $user = User::create([
+            'username' => 'test',
+            'email' => 'test@localhost',
+            'password' => Hash::make('test'),
+        ]);
+
+        $response = $this->get(URL::signedRoute('verification.verify', ['id' => $user->id, 'hash' => 'aaa']));
+        $response->assertStatus(200);
+
+        $response = $this->postJson('/api/auth/recover', [
+            "email" => "testtest@localhost"
+        ]);
+
+        $response->assertStatus(401);
+    }
+
+    public function test_throttle()
+    {
+        $user = User::create([
+            'username' => 'test',
+            'email' => 'test@localhost',
+            'password' => Hash::make('test'),
+        ]);
+
+        $response = $this->get(URL::signedRoute('verification.verify', ['id' => $user->id, 'hash' => 'aaa']));
+        $response->assertStatus(200);
+
+        $response = $this->postJson('/api/auth/recover', [
+            "email" => "test@localhost"
+        ]);
+        $response->assertStatus(204);
+
+        $response = $this->postJson('/api/auth/recover', [
+            "email" => "test@localhost"
+        ]);
+        $response->assertStatus(429);
+    }
+
+    public function test_invalid_token()
+    {
+        $user = User::create([
+            'username' => 'test',
+            'email' => 'test@localhost',
+            'password' => Hash::make('test'),
+        ]);
+
+        $response = $this->get(URL::signedRoute('verification.verify', ['id' => $user->id, 'hash' => 'aaa']));
+        $response->assertStatus(200);
+
+        $response = $this->postJson('/api/auth/recover', [
+            "email" => "test@localhost"
+        ]);
+
+        $response->assertStatus(204);
+
+        DB::table('password_resets')->where('email', 'test@localhost')
+            ->update(['token' => Hash::make('test')]);
+        
+        $this->get('/recover/test')->assertStatus(200);
+
+        $response = $this->post('/reset-password', [
+            "email" => "test@localhost",
+            "token" => "testtest",
+            "password" => "testtest",
+            "password_confirmation" => "testtest"
+        ]);
+        $response->assertStatus(401);
+
+        $response = $this->postJson("/api/auth/login", [
+            "email" => "test@localhost",
+            "password" => "testtest",
+        ]);
+        $response->assertStatus(401);
+    }
+
+    public function test_invalid_mail()
+    {
+        $user = User::create([
+            'username' => 'test',
+            'email' => 'test@localhost',
+            'password' => Hash::make('test'),
+        ]);
+
+        $response = $this->get(URL::signedRoute('verification.verify', ['id' => $user->id, 'hash' => 'aaa']));
+        $response->assertStatus(200);
+
+        $response = $this->postJson('/api/auth/recover', [
+            "email" => "test@localhost"
+        ]);
+
+        $response->assertStatus(204);
+
+        DB::table('password_resets')->where('email', 'test@localhost')
+            ->update(['token' => Hash::make('test')]);
+        
+        $this->get('/recover/test')->assertStatus(200);
+
+        $response = $this->post('/reset-password', [
+            "email" => "testtest@localhost",
+            "token" => "test",
+            "password" => "testtest",
+            "password_confirmation" => "testtest"
+        ]);
+        $response->assertStatus(401);
+    }
+}