diff options
author | ArthurHoaro <arthur@hoa.ro> | 2018-07-17 14:13:37 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2018-07-17 14:13:37 +0200 |
commit | d9ba1cdd44a7eec9e7f4d429087c6ba838ad473e (patch) | |
tree | 5be107b1b06cc9fbaeec32679474816d6469748e /tests/security | |
parent | 5d32c50ad70a659a6c86b80fa65d7ec41e045b1e (diff) | |
download | Shaarli-d9ba1cdd44a7eec9e7f4d429087c6ba838ad473e.tar.gz Shaarli-d9ba1cdd44a7eec9e7f4d429087c6ba838ad473e.tar.zst Shaarli-d9ba1cdd44a7eec9e7f4d429087c6ba838ad473e.zip |
Do not check the IP address with session protection disabled
This allows the user to stay logged in if his IP changes.
Fixes #1106
Diffstat (limited to 'tests/security')
-rw-r--r-- | tests/security/LoginManagerTest.php | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/tests/security/LoginManagerTest.php b/tests/security/LoginManagerTest.php index f26cd1eb..b9ab5ec4 100644 --- a/tests/security/LoginManagerTest.php +++ b/tests/security/LoginManagerTest.php | |||
@@ -260,6 +260,20 @@ class LoginManagerTest extends TestCase | |||
260 | } | 260 | } |
261 | 261 | ||
262 | /** | 262 | /** |
263 | * Generate a token depending on the user credentials with session protected disabled | ||
264 | */ | ||
265 | public function testGenerateStaySignedInTokenSessionProtectionDisabled() | ||
266 | { | ||
267 | $this->configManager->set('security.session_protection_disabled', true); | ||
268 | $this->loginManager->generateStaySignedInToken($this->clientIpAddress); | ||
269 | |||
270 | $this->assertEquals( | ||
271 | sha1($this->passwordHash . $this->salt), | ||
272 | $this->loginManager->getStaySignedInToken() | ||
273 | ); | ||
274 | } | ||
275 | |||
276 | /** | ||
263 | * Check user login - Shaarli has not yet been configured | 277 | * Check user login - Shaarli has not yet been configured |
264 | */ | 278 | */ |
265 | public function testCheckLoginStateNotConfigured() | 279 | public function testCheckLoginStateNotConfigured() |