diff options
author | VirtualTam <virtualtam@flibidi.net> | 2017-10-22 18:44:46 +0200 |
---|---|---|
committer | VirtualTam <virtualtam@flibidi.net> | 2017-10-22 19:19:46 +0200 |
commit | ebd650c06c67a67da2a0d099f625b6a7ec62ab2b (patch) | |
tree | 913f91672adbb9805432b356760187dc78e2a80b /tests/SessionManagerTest.php | |
parent | e648f62b4ffee16a89619815eb3e7ee7a4dff87f (diff) | |
download | Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.gz Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.zst Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.zip |
Refactor session token management
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- `SessionManager` class to group session-related features
- unit tests
Changed:
- `getToken()` -> `SessionManager->generateToken()`
- `tokenOk()` -> `SessionManager->checkToken()`
- inject a `$token` parameter to `PageBuilder`'s constructor
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'tests/SessionManagerTest.php')
-rw-r--r-- | tests/SessionManagerTest.php | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/tests/SessionManagerTest.php b/tests/SessionManagerTest.php new file mode 100644 index 00000000..3a270303 --- /dev/null +++ b/tests/SessionManagerTest.php | |||
@@ -0,0 +1,72 @@ | |||
1 | <?php | ||
2 | namespace Shaarli; | ||
3 | |||
4 | use \PHPUnit\Framework\TestCase; | ||
5 | |||
6 | /** | ||
7 | * Fake ConfigManager | ||
8 | */ | ||
9 | class FakeConfigManager | ||
10 | { | ||
11 | public static function get($key) | ||
12 | { | ||
13 | return $key; | ||
14 | } | ||
15 | } | ||
16 | |||
17 | |||
18 | /** | ||
19 | * Test coverage for SessionManager | ||
20 | */ | ||
21 | class SessionManagerTest extends TestCase | ||
22 | { | ||
23 | /** | ||
24 | * Generate a session token | ||
25 | */ | ||
26 | public function testGenerateToken() | ||
27 | { | ||
28 | $session = []; | ||
29 | $conf = new FakeConfigManager(); | ||
30 | $sessionManager = new SessionManager($session, $conf); | ||
31 | |||
32 | $token = $sessionManager->generateToken(); | ||
33 | |||
34 | $this->assertEquals(1, $session['tokens'][$token]); | ||
35 | $this->assertEquals(40, strlen($token)); | ||
36 | } | ||
37 | |||
38 | /** | ||
39 | * Generate and check a session token | ||
40 | */ | ||
41 | public function testGenerateAndCheckToken() | ||
42 | { | ||
43 | $session = []; | ||
44 | $conf = new FakeConfigManager(); | ||
45 | $sessionManager = new SessionManager($session, $conf); | ||
46 | |||
47 | $token = $sessionManager->generateToken(); | ||
48 | |||
49 | // ensure a token has been generated | ||
50 | $this->assertEquals(1, $session['tokens'][$token]); | ||
51 | $this->assertEquals(40, strlen($token)); | ||
52 | |||
53 | // check and destroy the token | ||
54 | $this->assertTrue($sessionManager->checkToken($token)); | ||
55 | $this->assertFalse(isset($session['tokens'][$token])); | ||
56 | |||
57 | // ensure the token has been destroyed | ||
58 | $this->assertFalse($sessionManager->checkToken($token)); | ||
59 | } | ||
60 | |||
61 | /** | ||
62 | * Check an invalid session token | ||
63 | */ | ||
64 | public function testCheckInvalidToken() | ||
65 | { | ||
66 | $session = []; | ||
67 | $conf = new FakeConfigManager(); | ||
68 | $sessionManager = new SessionManager($session, $conf); | ||
69 | |||
70 | $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b')); | ||
71 | } | ||
72 | } | ||