Add type coverage tests

README.md

@@ -28,11 +28,12 @@
 * API Documentation with Swagger
 * Laravel Pint configuration (very opinionated)
 * Pest v2 for Tests
+* Type Coverage Tests
 * Base classes to speed up the development
 * DTOs with [Laravel Validated DTO](https://github.com/WendellAdriel/laravel-validated-dto)
 * Slack Client for notifications
 * API structured in modules
-* Laravel Sanctum for Authentication
+* JWT for Authentication
 * Users management out-of-the-box with simple roles system
 * Logs on DB for user logins and for actions made on models
 * [Strictus](https://github.com/php-strictus/strictus) for enforcing local variable types

app/Exceptions/Handler.php

@@ -57,7 +57,7 @@ public function register(): void
         });
     }
 
-    public function render($request, Throwable $exception)
+    public function render($request, Throwable $exception) // @pest-ignore-type
     {
         if ($exception instanceof \Illuminate\Auth\AuthenticationException) {
             return $this->error($exception, Response::HTTP_UNAUTHORIZED, 'Unauthenticated');
@@ -81,7 +81,7 @@ public function render($request, Throwable $exception)
         return $this->error($exception, Response::HTTP_INTERNAL_SERVER_ERROR);
     }
 
-    protected function unauthenticated($request, \Illuminate\Auth\AuthenticationException $exception)
+    protected function unauthenticated($request, \Illuminate\Auth\AuthenticationException $exception) // @pest-ignore-type
     {
         return $this->error($exception, Response::HTTP_UNAUTHORIZED, 'Unauthenticated');
     }

app/Http/Kernel.php

@@ -41,7 +41,6 @@ class Kernel extends HttpKernel
         ],
 
         'api' => [
-            \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
             \Illuminate\Routing\Middleware\ThrottleRequests::class . ':api',
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
             \Exa\Http\Middlewares\BlockViewerUsers::class,

app/Http/Middleware/ValidateSignature.php

@@ -13,7 +13,7 @@ class ValidateSignature extends Middleware
      *
      * @var array<int, string>
      */
-    protected $except = [
+    protected array $except = [
         // 'fbclid',
         // 'utm_campaign',
         // 'utm_content',

composer.json

@@ -61,11 +61,15 @@
         "test": [
             "pest"
         ],
+        "test:types": [
+            "pest --type-coverage --min=100 app/ exa/ modules/"
+        ],
         "swagger": [
             "sh ./tools/swagger.sh"
         ],
         "prepare": [
             "pint --dirty",
+            "@test:types",
             "@swagger"
         ],
         "post-autoload-dump": [

config/cors.php

@@ -17,7 +17,7 @@
     |
     */
 
-    'paths' => ['api/*', 'sanctum/csrf-cookie'],
+    'paths' => ['*'],
 
     'allowed_methods' => ['*'],
 

exa/Http/Middlewares/BlockViewerUsers.php

@@ -11,7 +11,7 @@
 
 final class BlockViewerUsers
 {
-    public function handle(Request $request, Closure $next)
+    public function handle(Request $request, Closure $next): Closure
     {
         $user = Auth::user();
         if (is_null($user)) {

exa/Http/Middlewares/HasRole.php

@@ -20,7 +20,7 @@ public function __construct(private HasRoleAction $action)
     /**
      * @throws AccessDeniedException
      */
-    public function handle(Request $request, Closure $next, string $role)
+    public function handle(Request $request, Closure $next, string $role): Closure
     {
         $user = Auth::user();
         if (is_null($user)) {

exa/Http/Responses/ApiErrorResponse.php

@@ -19,7 +19,7 @@ public function __construct(
     ) {
     }
 
-    public function toResponse($request): JsonResponse
+    public function toResponse($request): JsonResponse // @pest-ignore-type
     {
         $response = ['message' => $this->message];
 

exa/Http/Responses/ApiSuccessResponse.php

@@ -18,7 +18,7 @@ public function __construct(
     ) {
     }
 
-    public function toResponse($request): JsonResponse
+    public function toResponse($request): JsonResponse // @pest-ignore-type
     {
         return response()->json(
             $this->resource->toArray($request),

exa/Http/Responses/NoContentResponse.php

@@ -15,7 +15,7 @@ public function __construct(
     ) {
     }
 
-    public function toResponse($request): Response
+    public function toResponse($request): Response // @pest-ignore-type
     {
         return response()->noContent($this->code, $this->headers);
     }

exa/Services/SlackClient.php

@@ -67,7 +67,7 @@ private function formatUsersToMention(array $users): string
             return '';
         }
 
-        $formatted = array_map(fn ($user) => "<@{$user}>", $users);
+        $formatted = array_map(fn (string $user) => "<@{$user}>", $users);
 
         return implode(', ', $formatted);
     }

modules/Auth/Actions/UpdateUser.php

@@ -20,7 +20,7 @@ public function handle(string $uuid, UpdateUserDTO $dto): User
     {
         $authUser = Auth::user();
         $user = $this->fetchUser->handle($uuid);
-        $updateData = collect($dto->toArray())->filter(fn ($item) => ! is_null($item))->toArray();
+        $updateData = collect($dto->toArray())->filter(fn (string|bool|null $item) => ! is_null($item))->toArray();
 
         if (! $authUser->is_admin) {
             unset($updateData['role'], $updateData['active']);

modules/Auth/Models/User.php

@@ -11,14 +11,12 @@
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
-use Laravel\Sanctum\HasApiTokens;
 use Modules\Auth\Support\Role;
 use Modules\Auth\Traits\HasRole;
 
 class User extends Authenticatable
 {
     use CommonQueries,
-        HasApiTokens,
         HasFactory,
         HasRole,
         HasUuidField,
@@ -49,7 +47,7 @@ class User extends Authenticatable
         'role' => Role::REGULAR->value,
     ];
 
-    protected static function booted()
+    protected static function booted(): void
     {
         static::addGlobalScope('active-users', fn (Builder $builder) => $builder->where('active', true));
     }

modules/Auth/Routes/v1.php

@@ -11,7 +11,7 @@
 Route::post('auth/login', [AuthController::class, 'login']);
 
 // Protected Routes
-Route::middleware('auth:sanctum')->group(function () {
+Route::middleware('auth')->group(function () {
     Route::prefix('auth')->group(function () {
         Route::post('logout', [AuthController::class, 'logout']);
         Route::get('me', [AuthController::class, 'user']);

modules/Common/Routes/v1.php

@@ -5,6 +5,6 @@
 // Public Routes
 
 // Protected Routes
-Route::middleware('auth:sanctum')->group(function () {
+Route::middleware('auth')->group(function () {
     //
 });

phpunit.xml

@@ -22,6 +22,8 @@
   <source>
     <include>
       <directory suffix=".php">./app</directory>
+      <directory suffix=".php">./exa</directory>
+      <directory suffix=".php">./modules</directory>
     </include>
   </source>
 </phpunit>