From bf48532ac1250a35d03201e38b182fc576ad9b2d Mon Sep 17 00:00:00 2001
From: Dave Smith-Hayes <me@davesmithhayes.com>
Date: Mon, 2 Dec 2024 20:03:50 +0000
Subject: [PATCH] Get the form key from the session first, and then send the
 request to create a user afterwards.

---
 .../User/RegisterUserActionTest.php           | 23 +++++++++++++++----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/app/tests/Controller/User/RegisterUserActionTest.php b/app/tests/Controller/User/RegisterUserActionTest.php
index d7cba17..a053c03 100644
--- a/app/tests/Controller/User/RegisterUserActionTest.php
+++ b/app/tests/Controller/User/RegisterUserActionTest.php
@@ -19,7 +19,7 @@ class RegisterUserActionTest extends TestCase
         ]);
     }
 
-    protected function createNewUserRequest(): Request
+    protected function createNewUserRequest(string $formKey = ""): Request
     {
         $user = $this->getUser();
         return $this->createRequest('POST', '/register')
@@ -27,11 +27,12 @@ class RegisterUserActionTest extends TestCase
                         'email' => $user->getEmail(),
                         'name' => $user->getName(),
                         'password' => $user->getPassword(),
-                        'checked_password' => $user->getPassword()
+                        'checked_password' => $user->getPassword(),
+                        'form_key' => $formKey,
                     ]);
     }
 
-    protected function createNewUserRequestWithMismatchedPasswords(): Request
+    protected function createNewUserRequestWithMismatchedPasswords(string $formKey = ""): Request
     {
         $user = $this->getUser();
         return $this->createRequest('POST', '/register')
@@ -39,10 +40,16 @@ class RegisterUserActionTest extends TestCase
                         'email' => $user->getEmail(),
                         'name' => $user->getName(),
                         'password' => $user->getPassword(),
-                        'checked_password' => 'no-math'
+                        'checked_password' => 'no-match',
+                        'form_key' => $formKey,
                     ]);
     }
 
+    protected function createNewUserRequestForFormKey(): Request
+    {
+        return $this->createRequest('GET', '/register');
+    }
+
 
     /**
      * Set up the Application, the DI Container, and the Repository mock
@@ -66,7 +73,13 @@ class RegisterUserActionTest extends TestCase
             $userRepository->reveal()
         );
 
-        $request = $this->createNewUserRequest(); 
+        // get the form key
+        $getUserRequest = $this->createNewUserRequestForFormKey();
+        $response = $app->handle($getUserRequest);
+        $formKey = $container->get(SessionInterface::class)->get("form_key");
+        $this->assertIsString($formKey);
+
+        $request = $this->createNewUserRequest($formKey); 
 
         $response = $app->handle($request);
         $this->assertEquals(200, $response->getStatusCode());