Oct 21, 2016
0
Level 3
Problems with middleware (auth:api) on non-GET requests
Hey guys, I'm giving a try to the new api stuff on laravel 5.3. It works great on the app itself or in apps like insomnia or postman; but is making me crazy on the tests.
Basically, app goes nuts on any non-GET requests.
For example, this test passes:
/** @test */
public function index_should_retrieve_list_of_users_categories()
{
$data = ['api_token' => $this->user->api_token];
$response = $this->call('GET', route('categories.index'), $data);
$this->seeStatusCode(200);
$this->assertJson($response->getContent());
$this->seeJsonStructure([
'*' => ['id', 'user_id', 'name', 'color'],
]);
$data = json_decode($response->getContent(), true);
// check all items returned belong to user
foreach ($data as $item) {
$this->assertTrue($item['user_id'] == $this->user->id);
}
}
But when trying this other:
/** @test */
public function store_should_store_a_new_category()
{
$data = [
'api_token' => $this->user->api_token,
'name' => 'test category',
'color' => '#123456'
];
$response = $this->call('POST', route('categories.store'), $data);
$this->seeStatusCode(200);
$this->assertJson($response->getContent());
$this->seeJsonStructure([
'user_id',
'name',
'color'
]);
$answer = json_decode($response->getContent(), true);
$this->assertTrue($answer['user_id'] == $this->user->id);
$this->assertTrue($answer['name'] == $data['name']);
$this->assertTrue($answer['color'] == $data['color']);
}
It fails receiving a 302 redirect to /login.
If I'm sending api_token for both requests, how can I be properly authenticated for the first one but not for the second?
Again, it works on any manual test I've tried (cURL requests on teh console, browser, insomnia, postman, etc.); it only fails on phpUnit. I don't understand why.
Please or to participate in this conversation.