aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/security
diff options
context:
space:
mode:
authorVirtualTam <virtualtam@flibidi.net>2018-05-30 02:09:09 +0200
committerVirtualTam <virtualtam@flibidi.net>2018-06-02 16:46:06 +0200
commit8edd7f15886620b07064aa889aea05c5acbc0e58 (patch)
treec4299a352b3f4c518f79eb7208f667f68f8e9388 /tests/security
parent704637bfebc73ada4b800b35c457e9fe56ad3567 (diff)
downloadShaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.tar.gz
Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.tar.zst
Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.zip
SessionManager+LoginManager: fix checkLoginState logic
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'tests/security')
-rw-r--r--tests/security/LoginManagerTest.php15
1 files changed, 10 insertions, 5 deletions
diff --git a/tests/security/LoginManagerTest.php b/tests/security/LoginManagerTest.php
index fad09992..f26cd1eb 100644
--- a/tests/security/LoginManagerTest.php
+++ b/tests/security/LoginManagerTest.php
@@ -84,10 +84,7 @@ class LoginManagerTest extends TestCase
84 $this->globals = &$GLOBALS; 84 $this->globals = &$GLOBALS;
85 unset($this->globals['IPBANS']); 85 unset($this->globals['IPBANS']);
86 86
87 $this->session = [ 87 $this->session = [];
88 'expires_on' => time() + 100,
89 'ip' => $this->clientIpAddress,
90 ];
91 88
92 $this->sessionManager = new SessionManager($this->session, $this->configManager); 89 $this->sessionManager = new SessionManager($this->session, $this->configManager);
93 $this->loginManager = new LoginManager($this->globals, $this->configManager, $this->sessionManager); 90 $this->loginManager = new LoginManager($this->globals, $this->configManager, $this->sessionManager);
@@ -281,12 +278,18 @@ class LoginManagerTest extends TestCase
281 */ 278 */
282 public function testCheckLoginStateStaySignedInWithInvalidToken() 279 public function testCheckLoginStateStaySignedInWithInvalidToken()
283 { 280 {
281 // simulate a previous login
282 $this->session = [
283 'ip' => $this->clientIpAddress,
284 'expires_on' => time() + 100,
285 ];
284 $this->loginManager->generateStaySignedInToken($this->clientIpAddress); 286 $this->loginManager->generateStaySignedInToken($this->clientIpAddress);
285 $this->cookie[LoginManager::$STAY_SIGNED_IN_COOKIE] = 'nope'; 287 $this->cookie[LoginManager::$STAY_SIGNED_IN_COOKIE] = 'nope';
286 288
287 $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress); 289 $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress);
288 290
289 $this->assertFalse($this->loginManager->isLoggedIn()); 291 $this->assertTrue($this->loginManager->isLoggedIn());
292 $this->assertTrue(empty($this->session['username']));
290 } 293 }
291 294
292 /** 295 /**
@@ -300,6 +303,8 @@ class LoginManagerTest extends TestCase
300 $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress); 303 $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress);
301 304
302 $this->assertTrue($this->loginManager->isLoggedIn()); 305 $this->assertTrue($this->loginManager->isLoggedIn());
306 $this->assertEquals($this->login, $this->session['username']);
307 $this->assertEquals($this->clientIpAddress, $this->session['ip']);
303 } 308 }
304 309
305 /** 310 /**