Refactor session token management

Relates to https://github.com/shaarli/Shaarli/issues/324 Added: - `SessionManager` class to group session-related features - unit tests Changed: - `getToken()` -> `SessionManager->generateToken()` - `tokenOk()` -> `SessionManager->checkToken()` - inject a `$token` parameter to `PageBuilder`'s constructor Signed-off-by: VirtualTam <virtualtam@flibidi.net>
author: VirtualTam <virtualtam@flibidi.net> 2017-10-22 18:44:46 +0200
committer: VirtualTam <virtualtam@flibidi.net> 2017-10-22 19:19:46 +0200
commit: ebd650c06c67a67da2a0d099f625b6a7ec62ab2b (patch)
tree: 913f91672adbb9805432b356760187dc78e2a80b /tests/SessionManagerTest.php
parent: e648f62b4ffee16a89619815eb3e7ee7a4dff87f (diff)
download: Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.gz
Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.zst
Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.zip
1 files changed, 72 insertions, 0 deletions
diff --git a/tests/SessionManagerTest.php b/tests/SessionManagerTest.php
new file mode 100644
index 00000000..3a270303
--- /dev/null
+++ b/tests/SessionManagerTest.php
@@ -0,0 +1,72 @@
+<?php
+namespace Shaarli;
+use \PHPUnit\Framework\TestCase;
+/**
+ * Fake ConfigManager
+ */
+class FakeConfigManager
+{
+    public static function get($key)
+    {
+        return $key;
+    }
+}
+/**
+ * Test coverage for SessionManager
+ */
+class SessionManagerTest extends TestCase
+{
+    /**
+     * Generate a session token
+     */
+    public function testGenerateToken()
+    {
+        $session = [];
+        $conf = new FakeConfigManager();
+        $sessionManager = new SessionManager($session, $conf);
+        $token = $sessionManager->generateToken();
+        $this->assertEquals(1, $session['tokens'][$token]);
+        $this->assertEquals(40, strlen($token));
+    }
+    /**
+     * Generate and check a session token
+     */
+    public function testGenerateAndCheckToken()
+    {
+        $session = [];
+        $conf = new FakeConfigManager();
+        $sessionManager = new SessionManager($session, $conf);
+        $token = $sessionManager->generateToken();
+        // ensure a token has been generated
+        $this->assertEquals(1, $session['tokens'][$token]);
+        $this->assertEquals(40, strlen($token));
+        // check and destroy the token
+        $this->assertTrue($sessionManager->checkToken($token));
+        $this->assertFalse(isset($session['tokens'][$token]));
+        // ensure the token has been destroyed
+        $this->assertFalse($sessionManager->checkToken($token));
+    }
+    /**
+     * Check an invalid session token
+     */
+    public function testCheckInvalidToken()
+    {
+        $session = [];
+        $conf = new FakeConfigManager();
+        $sessionManager = new SessionManager($session, $conf);
+        $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
+    }
+}
author	VirtualTam <virtualtam@flibidi.net>	2017-10-22 18:44:46 +0200
committer	VirtualTam <virtualtam@flibidi.net>	2017-10-22 19:19:46 +0200
commit	ebd650c06c67a67da2a0d099f625b6a7ec62ab2b (patch)
tree	913f91672adbb9805432b356760187dc78e2a80b /tests/SessionManagerTest.php
parent	e648f62b4ffee16a89619815eb3e7ee7a4dff87f (diff)
download	Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.gz Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.tar.zst Shaarli-ebd650c06c67a67da2a0d099f625b6a7ec62ab2b.zip

diff --git a/tests/SessionManagerTest.php b/tests/SessionManagerTest.php new file mode 100644 index 00000000..3a270303 --- /dev/null +++ b/tests/SessionManagerTest.php
@@ -0,0 +1,72 @@
	1	<?php
	2	namespace Shaarli;
	3
	4	use \PHPUnit\Framework\TestCase;
	5
	6	/**
	7	* Fake ConfigManager
	8	*/
	9	class FakeConfigManager
	10	{
	11	public static function get($key)
	12	{
	13	return $key;
	14	}
	15	}
	16
	17
	18	/**
	19	* Test coverage for SessionManager
	20	*/
	21	class SessionManagerTest extends TestCase
	22	{
	23	/**
	24	* Generate a session token
	25	*/
	26	public function testGenerateToken()
	27	{
	28	$session = [];
	29	$conf = new FakeConfigManager();
	30	$sessionManager = new SessionManager($session, $conf);
	31
	32	$token = $sessionManager->generateToken();
	33
	34	$this->assertEquals(1, $session['tokens'][$token]);
	35	$this->assertEquals(40, strlen($token));
	36	}
	37
	38	/**
	39	* Generate and check a session token
	40	*/
	41	public function testGenerateAndCheckToken()
	42	{
	43	$session = [];
	44	$conf = new FakeConfigManager();
	45	$sessionManager = new SessionManager($session, $conf);
	46
	47	$token = $sessionManager->generateToken();
	48
	49	// ensure a token has been generated
	50	$this->assertEquals(1, $session['tokens'][$token]);
	51	$this->assertEquals(40, strlen($token));
	52
	53	// check and destroy the token
	54	$this->assertTrue($sessionManager->checkToken($token));
	55	$this->assertFalse(isset($session['tokens'][$token]));
	56
	57	// ensure the token has been destroyed
	58	$this->assertFalse($sessionManager->checkToken($token));
	59	}
	60
	61	/**
	62	* Check an invalid session token
	63	*/
	64	public function testCheckInvalidToken()
	65	{
	66	$session = [];
	67	$conf = new FakeConfigManager();
	68	$sessionManager = new SessionManager($session, $conf);
	69
	70	$this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
	71	}
	72	}