admin = User::factory()->create(['is_admin' => true]); $this->user = User::factory()->create(['is_admin' => false]); }); describe('Tokens Page', function () { it('allows any authenticated user to access the tokens page', function () { $this->actingAs($this->user); $response = $this->get(route('tokens')); $response->assertStatus(200); $response->assertSee('Authentication Tokens'); $response->assertSee('Manage your active authentication tokens'); }); it('allows admin users to access the tokens page', function () { $this->actingAs($this->admin); $response = $this->get(route('tokens')); $response->assertStatus(200); $response->assertSee('Authentication Tokens'); $response->assertSee('Manage your active authentication tokens'); }); it('redirects unauthenticated users to login', function () { $response = $this->get(route('tokens')); $response->assertRedirect(route('login')); }); it('shows the tokens navigation link to all authenticated users', function () { // Test regular user sees the link $this->actingAs($this->user); $response = $this->get(route('dashboard')); $response->assertSee('Tokens'); // Test admin user also sees the link $this->actingAs($this->admin); $response = $this->get(route('dashboard')); $response->assertSee('Tokens'); }); it('properly displays the page title', function () { $this->actingAs($this->user); $response = $this->get(route('tokens')); $response->assertSee('', false); }); it('shows empty state when user has no tokens', function () { $this->actingAs($this->user); $response = $this->get(route('tokens')); $response->assertSee('No tokens'); $response->assertSee('authorized any applications'); }); });