Merge branch 'master' into remember-me-frontend

This commit is contained in:
ivan 2016-07-19 11:00:42 -03:00
commit 6662f0da61
8 changed files with 123 additions and 15 deletions

View File

@ -5,7 +5,8 @@ class LoginController extends Controller {
private $userInstance;
private $session;
private $rememberToken;
public function validations() {
return [
'permission' => 'any',
@ -19,8 +20,9 @@ class LoginController extends Controller {
return;
}
if ($this->areCredentialsValid()) {
if ($this->areCredentialsValid() || $this->isRememberTokenValid()) {
$this->createUserSession();
$this->createSessionCookie();
Response::respondSuccess($this->getUserData());
} else {
@ -36,6 +38,20 @@ class LoginController extends Controller {
return ($this->getUserByInputCredentials() !== null);
}
private function isRememberTokenValid() {
$rememberToken = Controller::request('rememberToken');
if ($rememberToken) {
$sessionCookie = SessionCookie::getDataStore($rememberToken, 'token');
$userid = Controller::request('userId');
if ($sessionCookie !== null && $userid === $sessionCookie->user->id) {
$this->userInstance = $sessionCookie->user;
return true;
}
}
}
private function createUserSession() {
$this->getSession()->createSession($this->userInstance->id);
}
@ -46,7 +62,8 @@ class LoginController extends Controller {
return array(
'userId' => $userInstance->id,
'userEmail' => $userInstance->email,
'token' => $this->getSession()->getToken()
'token' => $this->getSession()->getToken(),
'rememberToken' => $this->rememberToken
);
}
@ -68,4 +85,19 @@ class LoginController extends Controller {
return $this->session;
}
private function createSessionCookie(){
$remember = Controller::request('remember');
if ($remember) {
$this->rememberToken = Hashing::generateRandomToken();
$sessionCookie = new SessionCookie();
$sessionCookie->setProperties(array(
'user' => $this->userInstance->getBeanInstance(),
'token' => $this->rememberToken,
'ip' => $_SERVER['REMOTE_ADDR'],
'creationDate' => date('d-m-Y (H:i:s)')
));
$sessionCookie->store();
}
}
}

View File

@ -7,4 +7,7 @@ class Hashing {
public static function verifyPassword($password, $hash) {
return password_verify($password, $hash);
}
public static function generateRandomToken() {
return md5(uniqid(rand()));
}
}

View File

@ -65,6 +65,6 @@ class Session {
}
private function generateToken() {
return md5(uniqid(rand()));
return Hashing::generateRandomToken();;
}
}

View File

@ -0,0 +1,19 @@
<?php
class SessionCookie extends DataStore {
const TABLE = 'sessioncookie';
public static function getProps() {
return array (
'user',
'token',
'ip',
'creationDate',
'expirationDate'
);
}
protected function getDefaultProps() {
return array();
}
}

View File

@ -0,0 +1,29 @@
<?php
class Session extends \Mock {
public static $functionList = array();
public static function initStubs() {
self::setStatics(array(
'hashPassword' => parent::stub()->returns('HASHED_PASSword'),
'verifyPassword' => parent::stub()->returns(true),
'generateRandomToken' => parent::stub()->returns('TEST_TOKEN')
));
}
public static function mockInstanceFunction($functionName, $functionMock) {
self::getInstance()->{$functionName} = $functionMock;
}
private static function getInstanceMock() {
return new \Mock(array(
'initSession' => parent::stub(),
'closeSession' => parent::stub(),
'createSession' => parent::stub(),
'getToken' => parent::stub()->returns('TEST_TOKEN'),
'sessionExists' => parent::stub()->returns(false),
'checkAuthentication' => parent::stub()->returns(true),
'isLoggedWithId' => parent::stub()->returns(true),
));
}
}

View File

@ -38,7 +38,8 @@ class LoginControllerTest extends PHPUnit_Framework_TestCase {
$this->assertTrue(Response::get('respondSuccess')->hasBeenCalledWithArgs(array(
'userId' => 'MOCK_ID',
'userEmail' => 'MOCK_EMAIL',
'token' => 'TEST_TOKEN'
'token' => 'TEST_TOKEN',
'rememberToken' => null
)));
}

View File

@ -9,4 +9,5 @@ require './scripts.rb'
# TESTS
require './user/signup.rb'
require './ticket/create.rb'
require './user/login.rb'
#require './ticket/create.rb'

View File

@ -1,25 +1,48 @@
describe '/user/login' do
before do
@loginEmail = 'login@os4.com'
@loginPass = 'loginpass'
@loginEmail = 'login@os4.com'
@loginPass = 'loginpass'
Scripts.createUser(@loginEmail, @loginPass)
end
Scripts.createUser(@loginEmail, @loginPass)
it 'should fail if password is incorrect' do
result = request('/user/login', {
email: @loginEmail,
pass: 'some_incorrect_password'
password: 'some_incorrect_password'
})
(result['status']).should.equal('fail')
end
it 'should login correctly' do
# it 'should login correctly' do
# end
# it 'should fail if already logged in' do
# end
it 'should return remember token' do
request('/user/logout', {})
result = request('/user/login', {
email: @loginEmail,
password: @loginPass,
remember: true
})
(result['status']).should.equal('success')
@rememberToken = result['data']['rememberToken']# falta comproversion
@userid = result['data']['userId']
end
it 'should fail if already logged in' do
it 'should login with token' do
request('/user/logout', {})
result = request('/user/login', {
rememberToken: @rememberToken,
userId: @userid
})
(result['status']).should.equal('success')
(result['data']['userId']).should.equal(@userid)
end
end
end