edited routes name,

 edited AuthController,
 Created Auth end point tests

Author: code-architect

app/Http/Controllers/Auth/AuthController.php

@@ -60,4 +60,12 @@ public function register(Request $request)
         $user = $this->userService->create($request->all());
         return $this->response->item($request->user(), new UserTransformer());
     }
+
+
+    public function invalidate()
+    {
+        $token = $this->authService->parseToken();
+        $token->invalidate();
+        return $this->success();
+    }
 }

routes/api.php

@@ -39,10 +39,10 @@
         $router->group(['prefix' => 'auth'], function (Router $router) {
             $router->post('login', 'Auth\AuthController@login');
             $router->patch('refresh', 'Auth\AuthController@refreshToken');
-            $router->delete('invalidate', 'Auth\AuthController@deleteInvalidate');
+            $router->delete('invalidate', 'Auth\AuthController@invalidate');
             $router->post('register', 'Auth\AuthController@register');
 
-            $router->group(['middleware' => ['api.auth']], function (Router $router) {
+            $router->group(['middleware' => ['api.auth', 'role:root']], function (Router $router) {
                 $router->get('user', 'Auth\AuthController@getUser');
             });
         });

tests/Feature/AuthTest.php

@@ -12,42 +12,43 @@ class AuthTest extends TestCase
     public function testLoginLogout()
     {
         $user = factory(User::class)->create();
-//        $user->attachRole('root');
+        $user->attachRole('root');
         $user->save();
-
-        $response = $this->post('/api/auth/login',[
-           'email'      =>  $user->email,
-            'password'  =>  'secret'
+        // Login
+        $response = $this->post('/api/auth/login', [
+            'email' => $user->email,
+            'password' => 'secret'
         ]);
-        $response->assertStatus(200);
 
+        $response->assertStatus(200);
         $token = json_decode($response->getContent(), true)['data']['token'];
-
+        // Get the token. Query self.
         $this->refreshApplication();
-
-        $selfQueryResponse = $this->get('/api/auth/user',[
-            'Authorization' =>  'Bearer '.$token,
+        $selfQueryResponse = $this->get('/api/auth/user', [
+            'Authorization' => 'Bearer ' . $token,
         ]);
         $selfQueryResponse->assertStatus(200);
 
-        $tokenRefreshResponse = $this->patch('/api/auth/refresh',[
+        // Refresh token
+        $this->refreshApplication();
+        $tokenRefreshResponse = $this->patch('/api/auth/refresh', [
             //
-        ],[
-            'Authorization' =>  'Bearer '.$token,
+        ], [
+            'Authorization' => 'Bearer ' . $token,
         ]);
 
         $tokenRefreshResponse->assertStatus(200);
         $this->refreshApplication();
 
-        $logout = $this->delete('/api/auth/invalidate',[
-            'Authorization' =>  'Bearer '.$token,
+        // Logout
+        $logoutResponse = $this->delete('/api/auth/invalidate', [], [
+            'Authorization' => 'Bearer ' . $token,
         ]);
-        $logout->assertStatus(200);
-        $this->refreshApplication();
+        $logoutResponse->assertStatus(200);
 
-        $loggedoutTestQuery =  $this->get('/api/auth/users', [
-            'Authorization' =>  'Bearer '.$token,
-        ]);
-        $loggedoutTestQuery->assertStatus(401);
+        // Now you cannot query yourself
+        $this->refreshApplication();
+        $loggedOutTestQuery = $this->get('/api/auth/user');
+        $loggedOutTestQuery->assertStatus(401);
     }
 }