Add test coverage for LoginManager methods

[github/shaarli/Shaarli.git] / application / security / LoginManager.php

diff --git a/application/security/LoginManager.php b/application/security/LoginManager.php
index 41fa9a20ee9c4d025e6ae72f59897e9c7c3c2f17..4946850b7ed9297bc24e04b6c642e1cf84c4f9c9 100644 (file)
--- a/application/security/LoginManager.php
+++ b/application/security/LoginManager.php
@@ -46,7 +46,7 @@ class LoginManager
         $this->sessionManager = $sessionManager;
         $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php');
         $this->readBanFile();
-        if ($this->configManager->get('security.open_shaarli')) {
+        if ($this->configManager->get('security.open_shaarli') === true) {
             $this->openShaarli = true;
         }
     }
@@ -80,8 +80,6 @@ class LoginManager
      *
      * @param array  $cookie     The $_COOKIE array
      * @param string $clientIpId Client IP address identifier
-     *
-     * @return bool true if the user session is valid, false otherwise
      */
     public function checkLoginState($cookie, $clientIpId)
     {
@@ -94,11 +92,12 @@ class LoginManager
         if (isset($cookie[self::$STAY_SIGNED_IN_COOKIE])
             && $cookie[self::$STAY_SIGNED_IN_COOKIE] === $this->staySignedInToken
         ) {
+            // The user client has a valid stay-signed-in cookie
+            // Session information is updated with the current client information
             $this->sessionManager->storeLoginInfo($clientIpId);
             $this->isLoggedIn = true;
-        }
 
-        if ($this->sessionManager->hasSessionExpired()
+        } elseif ($this->sessionManager->hasSessionExpired()
             || $this->sessionManager->hasClientIpChanged($clientIpId)
         ) {
             $this->sessionManager->logout();