diff options
| author | VirtualTam <virtualtam@flibidi.net> | 2018-05-30 02:09:09 +0200 |
|---|---|---|
| committer | VirtualTam <virtualtam@flibidi.net> | 2018-06-02 16:46:06 +0200 |
| commit | 8edd7f15886620b07064aa889aea05c5acbc0e58 (patch) | |
| tree | c4299a352b3f4c518f79eb7208f667f68f8e9388 /tests/security | |
| parent | 704637bfebc73ada4b800b35c457e9fe56ad3567 (diff) | |
| download | Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.tar.gz Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.tar.zst Shaarli-8edd7f15886620b07064aa889aea05c5acbc0e58.zip | |
SessionManager+LoginManager: fix checkLoginState logic
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
Diffstat (limited to 'tests/security')
| -rw-r--r-- | tests/security/LoginManagerTest.php | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/tests/security/LoginManagerTest.php b/tests/security/LoginManagerTest.php index fad09992..f26cd1eb 100644 --- a/tests/security/LoginManagerTest.php +++ b/tests/security/LoginManagerTest.php | |||
| @@ -84,10 +84,7 @@ class LoginManagerTest extends TestCase | |||
| 84 | $this->globals = &$GLOBALS; | 84 | $this->globals = &$GLOBALS; |
| 85 | unset($this->globals['IPBANS']); | 85 | unset($this->globals['IPBANS']); |
| 86 | 86 | ||
| 87 | $this->session = [ | 87 | $this->session = []; |
| 88 | 'expires_on' => time() + 100, | ||
| 89 | 'ip' => $this->clientIpAddress, | ||
| 90 | ]; | ||
| 91 | 88 | ||
| 92 | $this->sessionManager = new SessionManager($this->session, $this->configManager); | 89 | $this->sessionManager = new SessionManager($this->session, $this->configManager); |
| 93 | $this->loginManager = new LoginManager($this->globals, $this->configManager, $this->sessionManager); | 90 | $this->loginManager = new LoginManager($this->globals, $this->configManager, $this->sessionManager); |
| @@ -281,12 +278,18 @@ class LoginManagerTest extends TestCase | |||
| 281 | */ | 278 | */ |
| 282 | public function testCheckLoginStateStaySignedInWithInvalidToken() | 279 | public function testCheckLoginStateStaySignedInWithInvalidToken() |
| 283 | { | 280 | { |
| 281 | // simulate a previous login | ||
| 282 | $this->session = [ | ||
| 283 | 'ip' => $this->clientIpAddress, | ||
| 284 | 'expires_on' => time() + 100, | ||
| 285 | ]; | ||
| 284 | $this->loginManager->generateStaySignedInToken($this->clientIpAddress); | 286 | $this->loginManager->generateStaySignedInToken($this->clientIpAddress); |
| 285 | $this->cookie[LoginManager::$STAY_SIGNED_IN_COOKIE] = 'nope'; | 287 | $this->cookie[LoginManager::$STAY_SIGNED_IN_COOKIE] = 'nope'; |
| 286 | 288 | ||
| 287 | $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress); | 289 | $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress); |
| 288 | 290 | ||
| 289 | $this->assertFalse($this->loginManager->isLoggedIn()); | 291 | $this->assertTrue($this->loginManager->isLoggedIn()); |
| 292 | $this->assertTrue(empty($this->session['username'])); | ||
| 290 | } | 293 | } |
| 291 | 294 | ||
| 292 | /** | 295 | /** |
| @@ -300,6 +303,8 @@ class LoginManagerTest extends TestCase | |||
| 300 | $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress); | 303 | $this->loginManager->checkLoginState($this->cookie, $this->clientIpAddress); |
| 301 | 304 | ||
| 302 | $this->assertTrue($this->loginManager->isLoggedIn()); | 305 | $this->assertTrue($this->loginManager->isLoggedIn()); |
| 306 | $this->assertEquals($this->login, $this->session['username']); | ||
| 307 | $this->assertEquals($this->clientIpAddress, $this->session['ip']); | ||
| 303 | } | 308 | } |
| 304 | 309 | ||
| 305 | /** | 310 | /** |