Merge pull request #1062 from wallabag/v2-relation-entry-user

add a real relation between user and entry

11 files changed, 448 insertions, 70 deletions

diff --git a/src/Wallabag/CoreBundle/Controller/EntryController.php b/src/Wallabag/CoreBundle/Controller/EntryController.php
index 6326d31f..e0697ca3 100644
--- a/src/Wallabag/CoreBundle/Controller/EntryController.php
+++ b/src/Wallabag/CoreBundle/Controller/EntryController.php
@@ -19,8 +19,7 @@ class EntryController extends Controller
      */
     public function addEntryAction(Request $request)
     {
-        $entry = new Entry();
-        $entry->setUserId(1);
+        $entry = new Entry($this->getUser());
 
         $form = $this->createFormBuilder($entry)
             ->add('url', 'url')
@@ -60,10 +59,10 @@ class EntryController extends Controller
      */
     public function showUnreadAction()
     {
-        $repository = $this->getDoctrine()->getRepository('WallabagCoreBundle:Entry');
-        // TODO don't give the user ID like this
         // TODO change pagination
-        $entries = $repository->findUnreadByUser(1, 0);
+        $entries = $this->getDoctrine()
+            ->getRepository('WallabagCoreBundle:Entry')
+            ->findUnreadByUser($this->getUser()->getId(), 0);
 
         return $this->render(
             'WallabagCoreBundle:Entry:entries.html.twig',
@@ -79,10 +78,10 @@ class EntryController extends Controller
      */
     public function showArchiveAction()
     {
-        $repository = $this->getDoctrine()->getRepository('WallabagCoreBundle:Entry');
-        // TODO don't give the user ID like this
         // TODO change pagination
-        $entries = $repository->findArchiveByUser(1, 0);
+        $entries = $this->getDoctrine()
+            ->getRepository('WallabagCoreBundle:Entry')
+            ->findArchiveByUser($this->getUser()->getId(), 0);
 
         return $this->render(
             'WallabagCoreBundle:Entry:entries.html.twig',
@@ -98,10 +97,10 @@ class EntryController extends Controller
      */
     public function showStarredAction()
     {
-        $repository = $this->getDoctrine()->getRepository('WallabagCoreBundle:Entry');
-        // TODO don't give the user ID like this
         // TODO change pagination
-        $entries = $repository->findStarredByUser(1, 0);
+        $entries = $this->getDoctrine()
+            ->getRepository('WallabagCoreBundle:Entry')
+            ->findStarredByUser($this->getUser()->getId(), 0);
 
         return $this->render(
             'WallabagCoreBundle:Entry:entries.html.twig',
diff --git a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadEntryData.php b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadEntryData.php
new file mode 100644
index 00000000..fccd06be
--- /dev/null
+++ b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadEntryData.php
@@ -0,0 +1,35 @@
+<?php
+
+namespace Wallabag\CoreBundle\DataFixtures\ORM;
+
+use Doctrine\Common\DataFixtures\AbstractFixture;
+use Doctrine\Common\DataFixtures\OrderedFixtureInterface;
+use Doctrine\Common\Persistence\ObjectManager;
+use Wallabag\CoreBundle\Entity\Entry;
+
+class LoadEntryData extends AbstractFixture implements OrderedFixtureInterface
+{
+    /**
+     * {@inheritDoc}
+     */
+    public function load(ObjectManager $manager)
+    {
+        $entry1 = new Entry($this->getReference('admin-user'));
+        $entry1->setUrl('http://0.0.0.0');
+        $entry1->setTitle('test title');
+        $entry1->setContent('This is my content /o/');
+
+        $manager->persist($entry1);
+        $manager->flush();
+
+        $this->addReference('entry1', $entry1);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getOrder()
+    {
+        return 20;
+    }
+}
diff --git a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php
new file mode 100644
index 00000000..da788218
--- /dev/null
+++ b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadUserData.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace Wallabag\CoreBundle\DataFixtures\ORM;
+
+use Doctrine\Common\DataFixtures\AbstractFixture;
+use Doctrine\Common\DataFixtures\OrderedFixtureInterface;
+use Doctrine\Common\Persistence\ObjectManager;
+use Wallabag\CoreBundle\Entity\User;
+
+class LoadUserData extends AbstractFixture implements OrderedFixtureInterface
+{
+    /**
+     * {@inheritDoc}
+     */
+    public function load(ObjectManager $manager)
+    {
+        $userAdmin = new User();
+        $userAdmin->setUsername('admin');
+        $userAdmin->setPassword('test');
+
+        $manager->persist($userAdmin);
+        $manager->flush();
+
+        $this->addReference('admin-user', $userAdmin);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function getOrder()
+    {
+        return 10;
+    }
+}
diff --git a/src/Wallabag/CoreBundle/Entity/Entry.php b/src/Wallabag/CoreBundle/Entity/Entry.php
index a00762ca..937213b4 100644
--- a/src/Wallabag/CoreBundle/Entity/Entry.php
+++ b/src/Wallabag/CoreBundle/Entity/Entry.php
@@ -84,13 +84,6 @@ class Entry
     /**
      * @var string
      *
-     * @ORM\Column(name="user_id", type="decimal", precision=10, scale=0, nullable=true)
-     */
-    private $userId;
-
-    /**
-     * @var string
-     *
      * @ORM\Column(name="comments", type="text", nullable=true)
      */
     private $comments;
@@ -124,6 +117,19 @@ class Entry
     private $isPublic;
 
     /**
+     * @ORM\ManyToOne(targetEntity="User", inversedBy="entries")
+     */
+    private $user;
+
+    /*
+     * @param User     $user
+     */
+    public function __construct(User $user)
+    {
+        $this->user = $user;
+    }
+
+    /**
      * Get id
      *
      * @return integer
@@ -263,26 +269,11 @@ class Entry
     }
 
     /**
-     * Set userId
-     *
-     * @param  string $userId
-     * @return Entry
-     */
-    public function setUserId($userId)
-    {
-        $this->userId = $userId;
-
-        return $this;
-    }
-
-    /**
-     * Get userId
-     *
-     * @return string
+     * @return User
      */
-    public function getUserId()
+    public function getUser()
     {
-        return $this->userId;
+        return $this->user;
     }
 
     /**
diff --git a/src/Wallabag/CoreBundle/Entity/User.php b/src/Wallabag/CoreBundle/Entity/User.php
index 6abfd3ae..c83250c3 100644
--- a/src/Wallabag/CoreBundle/Entity/User.php
+++ b/src/Wallabag/CoreBundle/Entity/User.php
@@ -2,6 +2,7 @@
 
 namespace Wallabag\CoreBundle\Entity;
 
+use Doctrine\Common\Collections\ArrayCollection;
 use Doctrine\ORM\Mapping as ORM;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\AdvancedUserInterface;
@@ -78,10 +79,16 @@ class User implements AdvancedUserInterface, \Serializable
      */
     private $updatedAt;
 
+    /**
+     * @ORM\OneToMany(targetEntity="Entry", mappedBy="user", cascade={"remove"})
+     */
+    private $entries;
+
     public function __construct()
     {
         $this->isActive = true;
-        $this->salt = md5(uniqid(null, true));
+        $this->salt     = md5(uniqid(null, true));
+        $this->entries  = new ArrayCollection();
     }
 
     /**
@@ -154,7 +161,11 @@ class User implements AdvancedUserInterface, \Serializable
      */
     public function setPassword($password)
     {
-        $this->password = $password;
+        if (!$password && 0 === strlen($password)) {
+            return;
+        }
+
+        $this->password = sha1($password.$this->getUsername().$this->getSalt());
 
         return $this;
     }
@@ -232,6 +243,26 @@ class User implements AdvancedUserInterface, \Serializable
     }
 
     /**
+     * @param Entry $entry
+     *
+     * @return User
+     */
+    public function addEntry(Entry $entry)
+    {
+        $this->entries[] = $entry;
+
+        return $this;
+    }
+
+    /**
+     * @return ArrayCollection<Entry>
+     */
+    public function getEntries()
+    {
+        return $this->entries;
+    }
+
+    /**
      * @inheritDoc
      */
     public function eraseCredentials()
diff --git a/src/Wallabag/CoreBundle/Repository/EntryRepository.php b/src/Wallabag/CoreBundle/Repository/EntryRepository.php
index f4c803f9..5ae1337a 100644
--- a/src/Wallabag/CoreBundle/Repository/EntryRepository.php
+++ b/src/Wallabag/CoreBundle/Repository/EntryRepository.php
@@ -11,19 +11,20 @@ class EntryRepository extends EntityRepository
     /**
      * Retrieves unread entries for a user
      *
-     * @param $userId
-     * @param $firstResult
-     * @param  int       $maxResults
+     * @param int $userId
+     * @param int $firstResult
+     * @param int $maxResults
+     *
      * @return Paginator
      */
     public function findUnreadByUser($userId, $firstResult, $maxResults = 12)
     {
         $qb = $this->createQueryBuilder('e')
-            ->select('e')
             ->setFirstResult($firstResult)
             ->setMaxResults($maxResults)
+            ->leftJoin('e.user', 'u')
             ->where('e.isArchived = false')
-            ->andWhere('e.userId =:userId')->setParameter('userId', $userId)
+            ->andWhere('u.id =:userId')->setParameter('userId', $userId)
             ->andWhere('e.isDeleted=false')
             ->orderBy('e.createdAt', 'desc')
             ->getQuery();
@@ -36,9 +37,10 @@ class EntryRepository extends EntityRepository
     /**
      * Retrieves read entries for a user
      *
-     * @param $userId
-     * @param $firstResult
-     * @param  int       $maxResults
+     * @param int $userId
+     * @param int $firstResult
+     * @param int $maxResults
+     *
      * @return Paginator
      */
     public function findArchiveByUser($userId, $firstResult, $maxResults = 12)
@@ -47,8 +49,9 @@ class EntryRepository extends EntityRepository
             ->select('e')
             ->setFirstResult($firstResult)
             ->setMaxResults($maxResults)
+            ->leftJoin('e.user', 'u')
             ->where('e.isArchived = true')
-            ->andWhere('e.userId =:userId')->setParameter('userId', $userId)
+            ->andWhere('u.id =:userId')->setParameter('userId', $userId)
             ->andWhere('e.isDeleted=false')
             ->orderBy('e.createdAt', 'desc')
             ->getQuery();
@@ -61,9 +64,10 @@ class EntryRepository extends EntityRepository
     /**
      * Retrieves starred entries for a user
      *
-     * @param $userId
-     * @param $firstResult
-     * @param  int       $maxResults
+     * @param int $userId
+     * @param int $firstResult
+     * @param int $maxResults
+     *
      * @return Paginator
      */
     public function findStarredByUser($userId, $firstResult, $maxResults = 12)
@@ -72,9 +76,10 @@ class EntryRepository extends EntityRepository
             ->select('e')
             ->setFirstResult($firstResult)
             ->setMaxResults($maxResults)
+            ->leftJoin('e.user', 'u')
             ->where('e.isStarred = true')
-            ->andWhere('e.userId =:userId')->setParameter('userId', $userId)
-            ->andWhere('e.isDeleted=false')
+            ->andWhere('u.id =:userId')->setParameter('userId', $userId)
+            ->andWhere('e.isDeleted = false')
             ->orderBy('e.createdAt', 'desc')
             ->getQuery();
 
@@ -83,22 +88,34 @@ class EntryRepository extends EntityRepository
         return $paginator;
     }
 
-    public function findEntries($userId, $isArchived, $isStarred, $isDeleted, $sort, $order)
+    /**
+     * Find Entries
+     *
+     * @param  int    $userId
+     * @param  bool   $isArchived
+     * @param  bool   $isStarred
+     * @param  bool   $isDeleted
+     * @param  string $sort
+     * @param  string $order
+     *
+     * @return ArrayCollection
+     */
+    public function findEntries($userId, $isArchived = null, $isStarred = null, $isDeleted = null, $sort = 'created', $order = 'ASC')
     {
         $qb = $this->createQueryBuilder('e')
-            ->select('e')
-            ->where('e.userId =:userId')->setParameter('userId', $userId);
+            ->leftJoin('e.user', 'u')
+            ->where('u.id =:userId')->setParameter('userId', $userId);
 
-        if (!is_null($isArchived)) {
-            $qb->andWhere('e.isArchived =:isArchived')->setParameter('isArchived', $isArchived);
+        if (null !== $isArchived) {
+            $qb->andWhere('e.isArchived =:isArchived')->setParameter('isArchived', (bool) $isArchived);
         }
 
-        if (!is_null($isStarred)) {
-            $qb->andWhere('e.isStarred =:isStarred')->setParameter('isStarred', $isStarred);
+        if (null !== $isStarred) {
+            $qb->andWhere('e.isStarred =:isStarred')->setParameter('isStarred', (bool) $isStarred);
         }
 
-        if (!is_null($isDeleted)) {
-            $qb->andWhere('e.isDeleted =:isDeleted')->setParameter('isDeleted', $isDeleted);
+        if (null !== $isDeleted) {
+            $qb->andWhere('e.isDeleted =:isDeleted')->setParameter('isDeleted', (bool) $isDeleted);
         }
 
         if ('created' === $sort) {
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
new file mode 100644
index 00000000..56f1affe
--- /dev/null
+++ b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
@@ -0,0 +1,88 @@
+<?php
+
+namespace Wallabag\CoreBundle\Security\Authentication\Encoder;
+
+use Symfony\Component\Security\Core\Encoder\BasePasswordEncoder;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+
+/**
+ * This override just add en extra variable (username) to be able to salt the password
+ * the way Wallabag v1 does. It will avoid to break compatibility with Wallabag v1
+ *
+ */
+class WallabagPasswordEncoder extends BasePasswordEncoder
+{
+    private $algorithm;
+    private $encodeHashAsBase64;
+    private $iterations;
+    private $username = null;
+
+    /**
+     * Constructor.
+     *
+     * @param string $algorithm          The digest algorithm to use
+     * @param bool   $encodeHashAsBase64 Whether to base64 encode the password hash
+     * @param int    $iterations         The number of iterations to use to stretch the password hash
+     */
+    public function __construct($algorithm = 'sha512', $encodeHashAsBase64 = true, $iterations = 5000)
+    {
+        $this->algorithm = $algorithm;
+        $this->encodeHashAsBase64 = $encodeHashAsBase64;
+        $this->iterations = $iterations;
+    }
+
+    public function setUsername($username)
+    {
+        $this->username = $username;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function encodePassword($raw, $salt)
+    {
+        if (null === $this->username) {
+            throw new \LogicException('We can not check the password without a username.');
+        }
+
+        if ($this->isPasswordTooLong($raw)) {
+            throw new BadCredentialsException('Invalid password.');
+        }
+
+        if (!in_array($this->algorithm, hash_algos(), true)) {
+            throw new \LogicException(sprintf('The algorithm "%s" is not supported.', $this->algorithm));
+        }
+
+        $salted = $this->mergePasswordAndSalt($raw, $salt);
+        $digest = hash($this->algorithm, $salted, true);
+
+        // "stretch" hash
+        for ($i = 1; $i < $this->iterations; $i++) {
+            $digest = hash($this->algorithm, $digest.$salted, true);
+        }
+
+        return $this->encodeHashAsBase64 ? base64_encode($digest) : bin2hex($digest);
+    }
+
+    /**
+     * {@inheritdoc}
+     *
+     * We inject the username inside the salted password
+     */
+    protected function mergePasswordAndSalt($password, $salt)
+    {
+        if (empty($salt)) {
+            return $password;
+        }
+
+        return $password.$this->username.$salt;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function isPasswordValid($encoded, $raw, $salt)
+    {
+        return !$this->isPasswordTooLong($raw) && $this->comparePasswords($encoded, $this->encodePassword($raw, $salt));
+    }
+}
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php
new file mode 100644
index 00000000..1c7c5fae
--- /dev/null
+++ b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php
@@ -0,0 +1,89 @@
+<?php
+
+namespace Wallabag\CoreBundle\Security\Authentication\Provider;
+
+use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
+use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
+use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\Security\Core\Authentication\Provider\UserAuthenticationProvider;
+
+class WallabagAuthenticationProvider extends UserAuthenticationProvider
+{
+    private $encoderFactory;
+    private $userProvider;
+
+    /**
+     * Constructor.
+     *
+     * @param UserProviderInterface   $userProvider               An UserProviderInterface instance
+     * @param UserCheckerInterface    $userChecker                An UserCheckerInterface instance
+     * @param string                  $providerKey                The provider key
+     * @param EncoderFactoryInterface $encoderFactory             An EncoderFactoryInterface instance
+     * @param bool                    $hideUserNotFoundExceptions Whether to hide user not found exception or not
+     */
+    public function __construct(UserProviderInterface $userProvider, UserCheckerInterface $userChecker, $providerKey, EncoderFactoryInterface $encoderFactory, $hideUserNotFoundExceptions = true)
+    {
+        parent::__construct($userChecker, $providerKey, $hideUserNotFoundExceptions);
+
+        $this->encoderFactory = $encoderFactory;
+        $this->userProvider = $userProvider;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
+    {
+        $currentUser = $token->getUser();
+        if ($currentUser instanceof UserInterface) {
+            if ($currentUser->getPassword() !== $user->getPassword()) {
+                throw new BadCredentialsException('The credentials were changed from another session.');
+            }
+        } else {
+            if ("" === ($presentedPassword = $token->getCredentials())) {
+                throw new BadCredentialsException('The presented password cannot be empty.');
+            }
+
+            // give username, it's used to hash the password
+            $encoder = $this->encoderFactory->getEncoder($user);
+            $encoder->setUsername($user->getUsername());
+
+            if (!$encoder->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
+                throw new BadCredentialsException('The presented password is invalid.');
+            }
+        }
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function retrieveUser($username, UsernamePasswordToken $token)
+    {
+        $user = $token->getUser();
+        if ($user instanceof UserInterface) {
+            return $user;
+        }
+
+        try {
+            $user = $this->userProvider->loadUserByUsername($username);
+
+            if (!$user instanceof UserInterface) {
+                throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
+            }
+
+            return $user;
+        } catch (UsernameNotFoundException $notFound) {
+            $notFound->setUsername($username);
+            throw $notFound;
+        } catch (\Exception $repositoryProblem) {
+            $ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem);
+            $ex->setToken($token);
+            throw $ex;
+        }
+    }
+}
diff --git a/src/Wallabag/CoreBundle/Tests/Controller/EntryControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/EntryControllerTest.php
index fde210c9..5d8daea3 100644
--- a/src/Wallabag/CoreBundle/Tests/Controller/EntryControllerTest.php
+++ b/src/Wallabag/CoreBundle/Tests/Controller/EntryControllerTest.php
@@ -2,13 +2,24 @@
 
 namespace Wallabag\CoreBundle\Tests\Controller;
 
-use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use Wallabag\CoreBundle\Tests\WallabagTestCase;
 
-class EntryControllerTest extends WebTestCase
+class EntryControllerTest extends WallabagTestCase
 {
+    public function testLogin()
+    {
+        $client = $this->getClient();
+
+        $crawler = $client->request('GET', '/new');
+
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $this->assertContains('login', $client->getResponse()->headers->get('location'));
+    }
+
     public function testGetNew()
     {
-        $client = static::createClient();
+        $this->logIn();
+        $client = $this->getClient();
 
         $crawler = $client->request('GET', '/new');
 
@@ -20,7 +31,8 @@ class EntryControllerTest extends WebTestCase
 
     public function testPostNewEmpty()
     {
-        $client = static::createClient();
+        $this->logIn();
+        $client = $this->getClient();
 
         $crawler = $client->request('GET', '/new');
 
@@ -37,7 +49,8 @@ class EntryControllerTest extends WebTestCase
 
     public function testPostNewOk()
     {
-        $client = static::createClient();
+        $this->logIn();
+        $client = $this->getClient();
 
         $crawler = $client->request('GET', '/new');
 
@@ -55,13 +68,14 @@ class EntryControllerTest extends WebTestCase
 
         $crawler = $client->followRedirect();
 
-        $this->assertCount(1, $alert = $crawler->filter('h2 a')->extract(array('_text')));
+        $this->assertGreaterThan(1, $alert = $crawler->filter('h2 a')->extract(array('_text')));
         $this->assertContains('Mailjet', $alert[0]);
     }
 
     public function testArchive()
     {
-        $client = static::createClient();
+        $this->logIn();
+        $client = $this->getClient();
 
         $crawler = $client->request('GET', '/archive');
 
@@ -70,7 +84,8 @@ class EntryControllerTest extends WebTestCase
 
     public function testStarred()
     {
-        $client = static::createClient();
+        $this->logIn();
+        $client = $this->getClient();
 
         $crawler = $client->request('GET', '/starred');
 
@@ -79,13 +94,18 @@ class EntryControllerTest extends WebTestCase
 
     public function testView()
     {
-        $client = static::createClient();
+        $this->logIn();
+        $client = $this->getClient();
 
         $content = $client->getContainer()
             ->get('doctrine.orm.entity_manager')
             ->getRepository('WallabagCoreBundle:Entry')
             ->findOneByIsArchived(false);
 
+        if (!$content) {
+            $this->markTestSkipped('No content found in db.');
+        }
+
         $crawler = $client->request('GET', '/view/'.$content->getId());
 
         $this->assertEquals(200, $client->getResponse()->getStatusCode());
diff --git a/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php
new file mode 100644
index 00000000..54cf5073
--- /dev/null
+++ b/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php
@@ -0,0 +1,40 @@
+<?php
+
+namespace Wallabag\CoreBundle\Tests\Controller;
+
+use Wallabag\CoreBundle\Tests\WallabagTestCase;
+
+class SecurityControllerTest extends WallabagTestCase
+{
+    public function testLogin()
+    {
+        $client = $this->getClient();
+
+        $crawler = $client->request('GET', '/new');
+
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $this->assertContains('login', $client->getResponse()->headers->get('location'));
+    }
+
+    public function testLoginFail()
+    {
+        $client = $this->getClient();
+
+        $crawler = $client->request('GET', '/login');
+
+        $form = $crawler->filter('button[type=submit]')->form();
+        $data = array(
+            '_username' => 'admin',
+            '_password' => 'admin',
+        );
+
+        $client->submit($form, $data);
+
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $this->assertContains('login', $client->getResponse()->headers->get('location'));
+
+        $crawler = $client->followRedirect();
+
+        $this->assertContains('Bad credentials', $client->getResponse()->getContent());
+    }
+}
diff --git a/src/Wallabag/CoreBundle/Tests/WallabagTestCase.php b/src/Wallabag/CoreBundle/Tests/WallabagTestCase.php
new file mode 100644
index 00000000..5f092318
--- /dev/null
+++ b/src/Wallabag/CoreBundle/Tests/WallabagTestCase.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace Wallabag\CoreBundle\Tests;
+
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use Symfony\Component\BrowserKit\Cookie;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+
+class WallabagTestCase extends WebTestCase
+{
+    private $client = null;
+
+    public function getClient()
+    {
+        return $this->client;
+    }
+
+    public function setUp()
+    {
+        $this->client = static::createClient();
+    }
+
+    public function logIn()
+    {
+        $crawler = $this->client->request('GET', '/login');
+        $form = $crawler->filter('button[type=submit]')->form();
+        $data = array(
+            '_username' => 'admin',
+            '_password' => 'test',
+        );
+
+        $this->client->submit($form, $data);
+    }
+}