aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/SessionManagerTest.php
diff options
context:
space:
mode:
authorVirtualTam <virtualtam@flibidi.net>2017-10-22 18:44:46 +0200
committerVirtualTam <virtualtam@flibidi.net>2017-10-22 19:19:46 +0200
commitebd650c06c67a67da2a0d099f625b6a7ec62ab2b (patch)
tree913f91672adbb9805432b356760187dc78e2a80b /tests/SessionManagerTest.php
parente648f62b4ffee16a89619815eb3e7ee7a4dff87f (diff)
downloadShaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.gz
Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.zst
Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.zip
Refactor session token management
Relates to https://github.com/shaarli/Shaarli/issues/324 Added: - `SessionManager` class to group session-related features - unit tests Changed: - `getToken()` -> `SessionManager->generateToken()` - `tokenOk()` -> `SessionManager->checkToken()` - inject a `$token` parameter to `PageBuilder`'s constructor Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'tests/SessionManagerTest.php')
-rw-r--r--tests/SessionManagerTest.php72
1 files changed, 72 insertions, 0 deletions
diff --git a/tests/SessionManagerTest.php b/tests/SessionManagerTest.php
new file mode 100644
index 00000000..3a270303
--- /dev/null
+++ b/tests/SessionManagerTest.php
@@ -0,0 +1,72 @@
1<?php
2namespace Shaarli;
3
4use \PHPUnit\Framework\TestCase;
5
6/**
7 * Fake ConfigManager
8 */
9class FakeConfigManager
10{
11 public static function get($key)
12 {
13 return $key;
14 }
15}
16
17
18/**
19 * Test coverage for SessionManager
20 */
21class SessionManagerTest extends TestCase
22{
23 /**
24 * Generate a session token
25 */
26 public function testGenerateToken()
27 {
28 $session = [];
29 $conf = new FakeConfigManager();
30 $sessionManager = new SessionManager($session, $conf);
31
32 $token = $sessionManager->generateToken();
33
34 $this->assertEquals(1, $session['tokens'][$token]);
35 $this->assertEquals(40, strlen($token));
36 }
37
38 /**
39 * Generate and check a session token
40 */
41 public function testGenerateAndCheckToken()
42 {
43 $session = [];
44 $conf = new FakeConfigManager();
45 $sessionManager = new SessionManager($session, $conf);
46
47 $token = $sessionManager->generateToken();
48
49 // ensure a token has been generated
50 $this->assertEquals(1, $session['tokens'][$token]);
51 $this->assertEquals(40, strlen($token));
52
53 // check and destroy the token
54 $this->assertTrue($sessionManager->checkToken($token));
55 $this->assertFalse(isset($session['tokens'][$token]));
56
57 // ensure the token has been destroyed
58 $this->assertFalse($sessionManager->checkToken($token));
59 }
60
61 /**
62 * Check an invalid session token
63 */
64 public function testCheckInvalidToken()
65 {
66 $session = [];
67 $conf = new FakeConfigManager();
68 $sessionManager = new SessionManager($session, $conf);
69
70 $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
71 }
72}