wasl/Backend/tests/Feature/AuthTest.php

<?php

namespace Tests\Feature;

use Tests\TestCase;
use App\Models\User;
use App\Models\OtpCode;
use App\Models\Wallet;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Support\Facades\Hash;

class AuthTest extends TestCase
{
    use RefreshDatabase;

    public function test_user_can_register()
    {
        $response = $this->postJson('/api/register', [
            'full_name' => 'Adnan Khoury',
            'phone_number' => '+963933111222',
            'password' => 'SecurePassword123',
        ]);

        $response->assertStatus(201)
            ->assertJsonStructure(['message', 'uuid', 'otp']);

        $uuid = $response->json('uuid');

        $this->assertDatabaseHas('users', [
            'uuid' => $uuid,
            'full_name' => 'Adnan Khoury',
        ]);

        $user = User::where('uuid', $uuid)->first();

        $this->assertDatabaseHas('wallets', [
            'user_id' => $user->id,
            'currency_code' => 'SYP',
            'balance_minor' => 0,
        ]);
    }

    public function test_user_can_login_and_verify_otp()
    {
        // 1. Create a user
        $user = User::create([
            'full_name' => 'Samer Al-Ali',
            'phone_number' => '+963933222333',
            'phone_hash' => hash_phone('+963933222333'),
            'password' => Hash::make('password123'),
            'status' => \App\Enums\UserStatus::PENDING,
            'kyc_level' => 0,
        ]);

        // 2. Request login
        $response = $this->postJson('/api/login', [
            'phone_number' => '+963933222333',
            'password' => 'password123',
        ]);

        $response->assertStatus(200)
            ->assertJsonStructure(['message', 'uuid', 'otp']);

        $otpCode = $response->json('otp');

        // 3. Verify OTP
        $verifyResponse = $this->postJson('/api/otp/verify', [
            'uuid' => $user->uuid,
            'code' => $otpCode,
        ]);

        $verifyResponse->assertStatus(200)
            ->assertJsonStructure(['message', 'access_token', 'token_type', 'user']);

        $token = $verifyResponse->json('access_token');

        // 4. Setup PIN
        $pinResponse = $this->withHeaders([
            'Authorization' => 'Bearer ' . $token,
        ])->postJson('/api/pin/setup', [
            'pin' => '123456',
        ]);

        $pinResponse->assertStatus(200)
            ->assertJsonStructure(['message']);
    }
}