lundi 24 septembre 2018

How can I fix csrf error making http-tests?

In my my laravel 5.7.3 application I do automatic tests as written here https://laravel.com/docs/5.7/http-tests

I create new user and open profile under this new user and try to modify some fields which are editable on this page. I got error putting changes :

"
Illuminate\Session\TokenMismatchException {#621
  #message: ""
  #code: 0
  #file: "./vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php"
  #line: 82
  trace: {
    ./vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php:82 { …}
    ./vendor/laravel/framework/src/Illuminate/Foundation/Testing/Concerns/MakesHttpRequests.php:223 { …}
    ...
    ./tests/Feature/ProfilepageTest.php:87 {
      › $response                     = $this->actingAs($newUser)->get('/profile/edit-details');
      › $response = $this->put( 'profile/edit-details-put', [ 'first_name' => 'Modified : '.$newUser->first_name, 'last_name' => 'Modified : '.$newUser->last_name, 'phone'=>'Modified : '.$newUser->phone, 'website'=>'Modified : '.$newUser->website, 'csrf_token'=> $csrf_token  ]);
      › 
      arguments: {
        $uri: "profile/edit-details-put"
        $data: array:5 [ …5]
      }
    }
    ./vendor/phpunit/phpunit/src/Framework/TestCase.php:1150 { …}

This error is triggered by my code :

<?php

namespace Tests\Feature;

use Tests\TestCase;
use DB;
use Illuminate\Foundation\Testing\WithFaker;

class ProfilePageTest extends TestCase  // vendor/bin/phpunit   tests/Feature/ProfilepageTest.php
{
    public function testProfilePage()
    {


        $csrf_token = csrf_token();
        ...
        $newUser                    = new User();
        $newUser->username          = 'Testing user on '.now();
        $newUser->email             = 'Testing_user_on_'.now().'@site.com';
        ...
        $newUser->save();
        $testing_user_id            = $newUser->id;
        ...


        $response                     = $this->actingAs($newUser)->get('/profile/edit-details');
        $response = $this->put( 'profile/edit-details-put', [ 'first_name' => 'Modified : '.$newUser->first_name, 'last_name' => 'Modified : '.$newUser->last_name, 'phone'=>'Modified : '.$newUser->phone, 'website'=>'Modified : '.$newUser->website, 'csrf_token'=> $csrf_token  ]);
        ...


    }
}

In my routes/web.php :

Route::group(array('prefix' => 'profile', 'middleware' => ['auth', 'isVerified']), function(){
    Route::put('edit-details-put', array(
        'as'      => 'profile-edit-details-put',
        'uses'    => 'ProfileController@update_details'
    ));

I use Auth bad jrean/laravel-user-verification pluging for checking of this url. and in the http-tests docs I found next :

The CSRF middleware is automatically disabled when running tests.

But anyway I got csrf error.

Why and how to fix it ?

Thanks!



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire