bitstream/fuel-price
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: prevent sensitive field leaks in /me, add retry logic to Brent price sources
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (8.3) (push) Has been cancelled
Details
tests / ci (8.4) (push) Has been cancelled
Details
tests / ci (8.5) (push) Has been cancelled
Details

Browse Source 
- Made `/api/auth/me` public and return explicit allowlist (name, email,
  two_factor_confirmed_at, tier, subscription fields) instead of spreading
  `$user->toArray()` which leaked is_admin, stripe_id, pm_type, pm_last_four,
  postcode. Returns `null` when unauthenticated rather than 401.
- Moved `/auth/logout` to remain behind auth:sanctum gate.
- Added 3×200ms retry with exponential backoff to EiaBrentPriceSource and
  FredBrentPriceSource on ConnectionException or 5xx responses. Timeout
  raised from 10s to 30s.
- Both sources now throw typed BrentPriceFetchException on exhausted retries
  instead of silently returning null + logging. Updated tests to assert
  exception message includes HTTP status or "connection failed".
This commit is contained in:
Ovidiu U
2026-05-01 13:22:36 +01:00
parent df70e514e9
commit 73de53994f
6 changed files with 145 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
tests/Feature/Api/AuthControllerTest.php
View File

@@ -69,6 +69,41 @@ it('returns the authenticated user on /me', function () {
->assertJsonPath('email', $user->email);
});
it('does not leak sensitive or internal user fields on /me', function () {
$user = User::factory()->create([
'is_admin' => true,
'stripe_id' => 'cus_secret',
'pm_type' => 'visa',
'pm_last_four' => '4242',
'postcode' => 'SW1A 1AA',
]);
$user->subscriptions()->create([
'type' => 'default',
'stripe_id' => 'sub_secret',
'stripe_status' => 'active',
'stripe_price' => 'price_plus_monthly',
'quantity' => 1,
]);
$response = $this->actingAs($user, 'sanctum')
->getJson('/api/auth/me')
->assertOk();
$payload = $response->json();
expect(array_keys($payload))->toEqualCanonicalizing([
'name',
'email',
'two_factor_confirmed_at',
'tier',
'subscription_cancelled',
'subscription_cadence',
'subscribed_at',
'subscription_expires_at',
]);
});
it('reports subscription_cancelled=false for a user with no subscription', function () {
$user = User::factory()->create();
@@ -215,6 +250,12 @@ it('logs out and revokes the token', function () {
expect($user->tokens()->count())->toBe(0);
});
it('returns 401 on protected routes without a token', function () {
$this->getJson('/api/auth/me')->assertUnauthorized();
it('returns null on /me when unauthenticated', function () {
$response = $this->getJson('/api/auth/me')->assertOk();
expect($response->getContent())->toBe('null');
});
it('returns 401 on protected routes without a token', function () {
$this->postJson('/api/auth/logout')->assertUnauthorized();
});