Passwordless Authentication with Laravel

Sign in Get started

This episode is for members only

Sign up to access "Passwordless Authentication with Laravel" right now.

Already a member? Sign in to continue

Playing

10. Testing the registration flow

Episodes

0%

Your progress

Total: 58m
Played: 0m
Remaining: 58m

Join or sign in to track your progress

01. Introduction and demo

02. Crafting the login page

03. Making use of Laravel Actions

04. The magic login link email

05. Generating a signed URL for authentication

06. Authenticating the user securely

07. Registering users

08. Sending the magic login link again

09. Testing the login flow

10. Testing the registration flow

Transcript

00:00

OK, so we're going to get started on testing the registration flow. So let's go ahead and say PEST test and register test. And we're going to head over to the login test and just grab some of the boilerplate here, like the refresh database trait.

00:14

So let's go over to our register test and let's go and check out what we have here. We can get rid of all of this and let's pull this in and go ahead and use that refresh database. Trait inside of that, great.

00:32

OK, so for registration, let's fly through some of the validation stuff because that's pretty straightforward, ensures the email is valid. And again, we already kind of have that within here. So let's actually steal that and just go ahead and replace that in there.

00:48

So ensure the email address is valid. This time it's true to register and the email needs to be something like nope. And that should be it. So let's run our test.

01:01

What you can do is specifically run the test that you want by going into the directory. So let's just specifically run the register test here and you can see, sure enough, that's passed. We know that that works.

01:12

So we want to make sure that the name is included. So ensure the name is present, whatever you want to say. And in here, we're going to go ahead and just say Alex at CodeCourse.com. We're going to exclude the name and check that the name is within our errors.

01:30

Let's run that. We get two passed. Great. And the next thing is checking that the email doesn't already exist when we register, so that's a really important one.

01:39

So ensure the name or the email. Address does not exist already, whatever you want to say. And in here, it's a little bit different because we need to pre-create a user that already exists in the database.

01:56

So as much as higher order functions are nice, we're going to go ahead and create a closure in here to make this a little bit easier. We're going to create a user out using our user factory. And let's just make sure we put the namespace in for user here.

02:10

And we're going to create that out with a predefined email address. So let's say Alex at CodeCourse.com again. And then we're going to go ahead and try and hit that route to register an email with the same one.

02:23

So auth and register. And the email here is going to be the email address of the user that already exists in the database, which is, of course, not what we want for this. For the actual entire validation to pass, we need to give a name.

02:38

So let's do that now. And we're going to go ahead and say a search session has errors for the email. And that's it. So let's go ahead and run our test here,

02:46

specifically the register test, and there we go. We know that that works as well. So the last test here is just going to be that it registers a user. So we need to make sure that they actually get put into the database,

02:58

but also that it sends a magic login link to them. So it registers a user and sends a magic login link. So we can go ahead and get rid of all of this here. The first thing that I'm going to do is

03:14

pull in the mail facade and fake this, because I know that we're going to be sending emails as part of this test, so we want to make sure they're faked. And then we want to go ahead and just register a user by posting through to auth and register.

03:26

Remember, at this point, the migrations would have been rerun. Everything would have been reset. We won't have any email addresses or any users in the database. So let's just choose the credentials that we want to register with here.

03:38

Let's say Alex at Cocos.com. And we'll go ahead and give a name in here. Of course, we need validation to pass to make this work. So because we have the Pest Laravel plugin

03:50

installed, we can use the assert database has method, assert database has. And we want to make sure it's in the users table. So we can either pass in the users table like this. Or we can give the fully qualified

04:09

namespace to the model, which I prefer to do, and that will automatically give you the users table name. Now, we just want to make sure the correct credentials are in the database. So Alex at Cocos.com.

04:21

And we want to make sure that name is Alex. So basically register a user and then check in the users table if the email and the name exists. Let's go ahead and run our tests here.

04:33

And sure enough, that passes. So we know that at this point, the user actually gets created. Of course, if we were to go over to create user. And we got rid of this, it's not going to work.

04:46

So let's just try that out really quickly. And we get a failure, so it's pretty obvious, but there we go. So as part of this, we know that we send an email. So again, we're going to go ahead and say mail assert sent.

05:00

And we want to make sure that the magic login link is sent as part of the registration flow. Again, we can go ahead and bring in that closure as well if we want to. What you can also do if you want to kind of tidy this up,

05:11

you can use a shorthand closure in here. So you'll get the mail instance in here, which we know is a mailable. Let's just pull the namespace in for that. And we can go ahead and check mail has two.

05:25

And the benefit of this is we don't need to bring the user into scope here. User and email, and there we go. And yeah, we can't actually do that, can we? So why don't we, because the email is a pretty important part of this test.

05:39

Just go ahead and. Assign that everywhere as an email variable, just so that looks a little bit cleaner. So we're keeping track of that here, which we can use here and of course down here.

05:51

So again, let's run our tests and we're good. So now we have covered we could add more, but we've covered pretty much the login and the register flow to make sure the important parts are covered and now all of our tests are passing, which is great.

Episode summary

In this episode, we dive into testing the registration flow of our application. We kick things off by setting up a new test using Pest, and borrowing some boilerplate from our login tests to speed things up, like using the RefreshDatabase trait to ensure a clean slate for each test.

We run through the main types of validation that the registration form needs: checking if the email is valid, making sure a name is provided, and verifying the email hasn't already been used. For the duplicate email test, we set up a user in the database first, then attempt to register with the same email to see if we get the expected error.

Then, we move on to the core registration functionality – making sure a real user can be successfully registered. We post valid registration data and use assertions to confirm that the new user's data shows up in the database. We also double-check that our app sends a magic login link via email when someone registers (using Laravel's mail fakes for testing).

Throughout the process, we run and re-run our tests to confirm everything's working. By the end of the video, we've got solid test coverage for the registration flow, so we can feel good knowing users can sign up and get their magic login link, and that all the basic validation is enforced.

Episode discussion

No comments, yet. Be the first!