Merge branch 'master' into remember-me-frontend
This commit is contained in:
commit
6662f0da61
|
@ -5,7 +5,8 @@ class LoginController extends Controller {
|
|||
|
||||
private $userInstance;
|
||||
private $session;
|
||||
|
||||
private $rememberToken;
|
||||
|
||||
public function validations() {
|
||||
return [
|
||||
'permission' => 'any',
|
||||
|
@ -19,8 +20,9 @@ class LoginController extends Controller {
|
|||
return;
|
||||
}
|
||||
|
||||
if ($this->areCredentialsValid()) {
|
||||
if ($this->areCredentialsValid() || $this->isRememberTokenValid()) {
|
||||
$this->createUserSession();
|
||||
$this->createSessionCookie();
|
||||
|
||||
Response::respondSuccess($this->getUserData());
|
||||
} else {
|
||||
|
@ -36,6 +38,20 @@ class LoginController extends Controller {
|
|||
return ($this->getUserByInputCredentials() !== null);
|
||||
}
|
||||
|
||||
private function isRememberTokenValid() {
|
||||
$rememberToken = Controller::request('rememberToken');
|
||||
|
||||
if ($rememberToken) {
|
||||
$sessionCookie = SessionCookie::getDataStore($rememberToken, 'token');
|
||||
$userid = Controller::request('userId');
|
||||
|
||||
if ($sessionCookie !== null && $userid === $sessionCookie->user->id) {
|
||||
$this->userInstance = $sessionCookie->user;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private function createUserSession() {
|
||||
$this->getSession()->createSession($this->userInstance->id);
|
||||
}
|
||||
|
@ -46,7 +62,8 @@ class LoginController extends Controller {
|
|||
return array(
|
||||
'userId' => $userInstance->id,
|
||||
'userEmail' => $userInstance->email,
|
||||
'token' => $this->getSession()->getToken()
|
||||
'token' => $this->getSession()->getToken(),
|
||||
'rememberToken' => $this->rememberToken
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -68,4 +85,19 @@ class LoginController extends Controller {
|
|||
|
||||
return $this->session;
|
||||
}
|
||||
private function createSessionCookie(){
|
||||
$remember = Controller::request('remember');
|
||||
if ($remember) {
|
||||
$this->rememberToken = Hashing::generateRandomToken();
|
||||
|
||||
$sessionCookie = new SessionCookie();
|
||||
$sessionCookie->setProperties(array(
|
||||
'user' => $this->userInstance->getBeanInstance(),
|
||||
'token' => $this->rememberToken,
|
||||
'ip' => $_SERVER['REMOTE_ADDR'],
|
||||
'creationDate' => date('d-m-Y (H:i:s)')
|
||||
));
|
||||
$sessionCookie->store();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,4 +7,7 @@ class Hashing {
|
|||
public static function verifyPassword($password, $hash) {
|
||||
return password_verify($password, $hash);
|
||||
}
|
||||
public static function generateRandomToken() {
|
||||
return md5(uniqid(rand()));
|
||||
}
|
||||
}
|
|
@ -65,6 +65,6 @@ class Session {
|
|||
}
|
||||
|
||||
private function generateToken() {
|
||||
return md5(uniqid(rand()));
|
||||
return Hashing::generateRandomToken();;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
class SessionCookie extends DataStore {
|
||||
const TABLE = 'sessioncookie';
|
||||
|
||||
public static function getProps() {
|
||||
return array (
|
||||
'user',
|
||||
'token',
|
||||
'ip',
|
||||
'creationDate',
|
||||
'expirationDate'
|
||||
);
|
||||
}
|
||||
|
||||
protected function getDefaultProps() {
|
||||
return array();
|
||||
}
|
||||
}
|
|
@ -0,0 +1,29 @@
|
|||
<?php
|
||||
|
||||
class Session extends \Mock {
|
||||
public static $functionList = array();
|
||||
|
||||
public static function initStubs() {
|
||||
self::setStatics(array(
|
||||
'hashPassword' => parent::stub()->returns('HASHED_PASSword'),
|
||||
'verifyPassword' => parent::stub()->returns(true),
|
||||
'generateRandomToken' => parent::stub()->returns('TEST_TOKEN')
|
||||
));
|
||||
}
|
||||
|
||||
public static function mockInstanceFunction($functionName, $functionMock) {
|
||||
self::getInstance()->{$functionName} = $functionMock;
|
||||
}
|
||||
|
||||
private static function getInstanceMock() {
|
||||
return new \Mock(array(
|
||||
'initSession' => parent::stub(),
|
||||
'closeSession' => parent::stub(),
|
||||
'createSession' => parent::stub(),
|
||||
'getToken' => parent::stub()->returns('TEST_TOKEN'),
|
||||
'sessionExists' => parent::stub()->returns(false),
|
||||
'checkAuthentication' => parent::stub()->returns(true),
|
||||
'isLoggedWithId' => parent::stub()->returns(true),
|
||||
));
|
||||
}
|
||||
}
|
|
@ -38,7 +38,8 @@ class LoginControllerTest extends PHPUnit_Framework_TestCase {
|
|||
$this->assertTrue(Response::get('respondSuccess')->hasBeenCalledWithArgs(array(
|
||||
'userId' => 'MOCK_ID',
|
||||
'userEmail' => 'MOCK_EMAIL',
|
||||
'token' => 'TEST_TOKEN'
|
||||
'token' => 'TEST_TOKEN',
|
||||
'rememberToken' => null
|
||||
)));
|
||||
}
|
||||
|
||||
|
|
|
@ -9,4 +9,5 @@ require './scripts.rb'
|
|||
|
||||
# TESTS
|
||||
require './user/signup.rb'
|
||||
require './ticket/create.rb'
|
||||
require './user/login.rb'
|
||||
#require './ticket/create.rb'
|
||||
|
|
|
@ -1,25 +1,48 @@
|
|||
describe '/user/login' do
|
||||
before do
|
||||
@loginEmail = 'login@os4.com'
|
||||
@loginPass = 'loginpass'
|
||||
@loginEmail = 'login@os4.com'
|
||||
@loginPass = 'loginpass'
|
||||
|
||||
Scripts.createUser(@loginEmail, @loginPass)
|
||||
end
|
||||
Scripts.createUser(@loginEmail, @loginPass)
|
||||
|
||||
it 'should fail if password is incorrect' do
|
||||
result = request('/user/login', {
|
||||
email: @loginEmail,
|
||||
pass: 'some_incorrect_password'
|
||||
password: 'some_incorrect_password'
|
||||
})
|
||||
|
||||
(result['status']).should.equal('fail')
|
||||
end
|
||||
|
||||
it 'should login correctly' do
|
||||
# it 'should login correctly' do
|
||||
|
||||
# end
|
||||
|
||||
# it 'should fail if already logged in' do
|
||||
|
||||
# end
|
||||
|
||||
it 'should return remember token' do
|
||||
request('/user/logout', {})
|
||||
result = request('/user/login', {
|
||||
email: @loginEmail,
|
||||
password: @loginPass,
|
||||
remember: true
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
|
||||
@rememberToken = result['data']['rememberToken']# falta comproversion
|
||||
@userid = result['data']['userId']
|
||||
end
|
||||
|
||||
it 'should fail if already logged in' do
|
||||
it 'should login with token' do
|
||||
request('/user/logout', {})
|
||||
result = request('/user/login', {
|
||||
rememberToken: @rememberToken,
|
||||
userId: @userid
|
||||
})
|
||||
|
||||
(result['status']).should.equal('success')
|
||||
(result['data']['userId']).should.equal(@userid)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue