Reworked api login to just need a session_key for everything

t/api/login.t

@@ -0,0 +1,73 @@
+use Mojo::Base -strict;
+
+use Test::More;
+use Mojo::JSON;
+use Test::Pear::LocalLoop;
+
+my $framework = Test::Pear::LocalLoop->new;
+my $t = $framework->framework;
+my $schema = $t->app->schema;
+
+my $account_token = 'a';
+my $email = 'rufus@shinra.energy';
+my $password = 'MakoGold';
+
+$schema->resultset('AccountToken')->create({
+  accounttokenname => $account_token
+});
+
+my $test_json = {
+  'usertype' => 'customer', 
+  'token' => $account_token, 
+  'username' =>  'RufusShinra', 
+  'email' => $email, 
+  'postcode' => 'LA1 1AA', 
+  'password' => $password, 
+  'age' => '20-35'
+};
+$t->post_ok('/api/register' => json => $test_json)
+  ->status_is(200)
+  ->json_is('/success', Mojo::JSON->true);
+use Data::Dumper;
+
+is $schema->resultset('User')->count, 1, 'found a user';
+
+$t->post_ok('/api' => json => {
+    session_key => 'invalid',
+  })
+  ->status_is(401)
+  ->json_is('/success', Mojo::JSON->false)
+  ->json_like('/message', qr/Invalid Session/);
+
+$t->post_ok('/api/login' => json => {
+    email => 'nonexistant@test.com',
+    password => 'doesnt matter',
+  })
+  ->status_is(401)
+  ->json_is('/success', Mojo::JSON->false);
+
+$t->post_ok('/api/login' => json => {
+    email => $email,
+    password => $password,
+  })
+  ->status_is(200)
+  ->json_is('/success', Mojo::JSON->true)
+  ->json_has('/session_key');
+
+my $session_key = $t->tx->res->json->{session_key};
+
+$t->post_ok('/api' => json => { session_key => $session_key })
+  ->status_is(200)
+  ->json_is('/success', Mojo::JSON->true)
+  ->json_like('/message', qr/Successful Auth/);
+
+is $schema->resultset('SessionToken')->count, 1, 'One Session';
+
+$t->post_ok('/api/logout' => json => { session_key => $session_key })
+  ->status_is(200)
+  ->json_is('/success', Mojo::JSON->true)
+  ->json_like('/message', qr/Logged Out/);
+
+is $schema->resultset('SessionToken')->count, 0, 'No Sessions';
+
+done_testing;

t/login.t

@@ -1,43 +1,55 @@
+use Mojo::Base -strict;
+
+use File::Temp;
 use Test::More;
 use Test::Mojo;
 use Mojo::JSON;
 use Time::Fake;
 
-use FindBin;
+my $file = File::Temp->new;
 
-BEGIN {
-  $ENV{MOJO_MODE} = 'testing';
-  $ENV{MOJO_LOG_LEVEL} = 'debug';
+print $file <<'END';
+{
+  dsn => "dbi:SQLite::memory:",
+  user => undef,
+  pass => undef,
 }
+END
+$file->seek( 0, SEEK_END );
 
-my $t = Test::Mojo->new("Pear::LocalLoop");
+$ENV{MOJO_CONFIG} = $file->filename;
 
-my $dbh = $t->app->db;
+my $t = Test::Mojo->new('Pear::LocalLoop');
+my $schema = $t->app->schema;
+$schema->deploy;
 
-#Dump all pf the test tables and start again.
-my $sqlDeployment = Mojo::File->new("$FindBin::Bin/../dropschema.sql")->slurp;
-for (split ';', $sqlDeployment){
-  $dbh->do($_) or die $dbh->errstr;
-}
+$schema->resultset('AgeRange')->populate([
+  [ qw/ agerangestring / ],
+  [ '20-35' ],
+  [ '35-50' ],
+  [ '50+' ],
+]);
 
-my $sqlDeployment = Mojo::File->new("$FindBin::Bin/../schema.sql")->slurp;
-for (split ';', $sqlDeployment){
-  $dbh->do($_) or die $dbh->errstr;
-}
+$schema->resultset('AccountToken')->create({
+  accounttokenname => 'a',
+});
 
 my $accountToken = 'a';
-my $tokenStatement = $dbh->prepare('INSERT INTO AccountTokens (AccountTokenName) VALUES (?)');
-$tokenStatement->execute($accountToken);
 
 my $sessionTimeSeconds = 60 * 60 * 24 * 7; #1 week.
-my $sessionTokenJsonName = 'sessionToken';
+my $sessionTokenJsonName = 'session_key';
 my $sessionExpiresJsonName = 'sessionExpires';
 
+my $location_is = sub {
+  my ($t, $value, $desc) = @_;
+  $desc ||= "Location: $value";
+  local $Test::Builder::Level = $Test::Builder::Level + 1;
+  return $t->success(is($t->tx->res->headers->location, $value, $desc));
+};
 
 #This depends on "register.t" working
 
 #Valid customer, this also tests that redirects are disabled for register.
-print "test 1 - Initial create user account\n";
 my $email = 'rufus@shinra.energy';
 my $password = 'MakoGold';
 my $testJson = {
@@ -53,9 +65,7 @@ $t->post_ok('/api/register' => json => $testJson)
   ->status_is(200)
   ->json_is('/success', Mojo::JSON->true);
 
-
 #Test login, this also checks that redirects are disabled for login when logged out.
-print "test 2 - Login (cookies)\n";
 $testJson = {
   'email' => $email,
   'password' => $password,
@@ -63,26 +73,7 @@ $testJson = {
 $t->post_ok('/api/login' => json => $testJson)
   ->status_is(200)
   ->json_is('/success', Mojo::JSON->true)
-  ->json_has("/$sessionTokenJsonName")
-  ->json_has("/$sessionExpiresJsonName");
-
-print "test 3 - Login, no redirect on login paths (cookies)\n";
-#No redirect, as you're logged in.
-$t->get_ok('/api/')
-  ->status_is(200);
-
-my $location_is = sub {
-  my ($t, $value, $desc) = @_;
-  $desc ||= "Location: $value";
-  local $Test::Builder::Level = $Test::Builder::Level + 1;
-  return $t->success(is($t->tx->res->headers->location, $value, $desc));
-};
-
-print "test 4 - Login, redirect to root as already logged in (cookies)\n";
-#Check for redirect to root when logged in.
-$t->get_ok('/api/login')
-  ->status_is(303)
-  ->$location_is('/api');
+  ->json_has("/$sessionTokenJsonName");
 
 
 #Does login/logout work with a cookie based session.

t/register.t

@@ -1,33 +1,12 @@
 use Mojo::Base -strict;
 
-use File::Temp;
 use Test::More;
-use Test::Mojo;
 use Mojo::JSON;
+use Test::Pear::LocalLoop;
 
-my $file = File::Temp->new;
-
-print $file <<'END';
-{
-  dsn => "dbi:SQLite::memory:",
-  user => undef,
-  pass => undef,
-}
-END
-$file->seek( 0, SEEK_END );
-
-$ENV{MOJO_CONFIG} = $file->filename;
-
-my $t = Test::Mojo->new('Pear::LocalLoop');
+my $framework = Test::Pear::LocalLoop->new;
+my $t = $framework->framework;
 my $schema = $t->app->schema;
-$schema->deploy;
-
-$schema->resultset('AgeRange')->populate([
-  [ qw/ agerangestring / ],
-  [ '20-35' ],
-  [ '35-50' ],
-  [ '50+' ],
-]);
 
 #Variables to be used for uniqueness when testing.
 my @names = ('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');