einundzwanzig/einundzwanzig-verein
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-nostr.git synced 2026-05-23 13:15:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
52cf81abca12455583ce80706268e20e19ce9701
einundzwanzig-verein/tests/Feature/Livewire/Association/Members/AdminTest.php
T
HolgerHatGarKeineNode 52cf81abca fix(auth): route all nostrLoggedIn listeners through signed-event verification 
The previous commit only updated auth-button + the WithNostrAuth trait,
but six Volt pages (profile, benefits, election/*, members/admin) carry
their own handleNostrLoggedIn(string $pubkey) handlers. The dispatched
payload is now an array, so Livewire's container could not resolve the
string parameter and threw BindingResolutionException on every login.

- All six per-page handlers now accept the signed event and route it
  through NostrAuth::loginWithSignedEvent() like the trait does.
- NostrAuth: add currentOrIssueChallenge() so the sidebar + navbar
  auth-button mounts share one live session challenge instead of
  overwriting each other.
- verifySignedEvent: pass a normalized stdClass to swentel's verify()
  directly, skipping an unnecessary json_encode + json_decode round-trip.
- auth-button: gate the global Escape/Tab capture so it only intercepts
  keys while the overlay is actually visible.
- Update three test files that still called handleNostrLoggedIn with a
  raw pubkey to authenticate via NostrAuth::login() instead.
2026-05-20 01:51:31 +02:00

76 lines
2.4 KiB
PHP
Raw Blame History

<?php
use App\Models\EinundzwanzigPleb;
use App\Support\NostrAuth;
use Livewire\Livewire;
it('denies access to unauthorized users', function () {
$pleb = EinundzwanzigPleb::factory()->create();
NostrAuth::login($pleb->pubkey);
Livewire::test('association.members.admin')
->assertSet('isAllowed', false)
->assertSee('Mitglieder können nicht bearbeitet werden');
});
it('grants access to authorized pubkeys', function () {
$allowedPubkeys = [
'0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033',
'430169631f2f0682c60cebb4f902d68f0c71c498fd1711fd982f052cf1fd4279',
'7acf30cf60b85c62b8f654556cc21e4016df8f5604b3b6892794f88bb80d7a1d',
'f240be2b684f85cc81566f2081386af81d7427ea86250c8bde6b7a8500c761ba',
'19e358b8011f5f4fc653c565c6d4c2f33f32661f4f90982c9eedc292a8774ec3',
'acbcec475a1a4f9481939ecfbd1c3d111f5b5a474a39ae039bbc720fdd305bec',
];
$pleb = EinundzwanzigPleb::factory()->create([
'pubkey' => $allowedPubkeys[0],
]);
NostrAuth::login($pleb->pubkey);
Livewire::test('association.members.admin')
->assertSet('isAllowed', true);
});
it('reflects an authorized nostr session on mount', function () {
$allowedPubkey = '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033';
EinundzwanzigPleb::factory()->create([
'pubkey' => $allowedPubkey,
]);
NostrAuth::login($allowedPubkey);
Livewire::test('association.members.admin')
->assertSet('isAllowed', true)
->assertSet('currentPubkey', $allowedPubkey);
});
it('clears state on nostr logout', function () {
$allowedPubkey = '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033';
EinundzwanzigPleb::factory()->create([
'pubkey' => $allowedPubkey,
]);
NostrAuth::login($allowedPubkey);
Livewire::test('association.members.admin')
->call('handleNostrLoggedOut')
->assertSet('isAllowed', false)
->assertSet('currentPubkey', null);
});
it('displays einundzwanzig pleb table when authorized', function () {
$allowedPubkey = '0adf67475ccc5ca456fd3022e46f5d526eb0af6284bf85494c0dd7847f3e5033';
$pleb = EinundzwanzigPleb::factory()->create([
'pubkey' => $allowedPubkey,
]);
NostrAuth::login($pleb->pubkey);
Livewire::test('association.members.admin')
->assertSet('isAllowed', true)
->assertSee('einundzwanzig-pleb-table');
});
Reference in New Issue View Git Blame Copy Permalink