Merge branch 'master' into remember-me-frontend

ivan 2016-07-19 11:00:42 -03:00
commit 6662f0da61
8 changed files with 123 additions and 15 deletions


@ -5,6 +5,7 @@ class LoginController extends Controller {
private $userInstance; private $userInstance;
private $session; private $session;
private $rememberToken;
public function validations() { public function validations() {
return [ return [
@ -19,8 +20,9 @@ class LoginController extends Controller {
return; return;
} }
if ($this->areCredentialsValid()) { if ($this->areCredentialsValid() || $this->isRememberTokenValid()) {
$this->createUserSession(); $this->createUserSession();
$this->createSessionCookie();
Response::respondSuccess($this->getUserData()); Response::respondSuccess($this->getUserData());
} else { } else {
@ -36,6 +38,20 @@ class LoginController extends Controller {
return ($this->getUserByInputCredentials() !== null); return ($this->getUserByInputCredentials() !== null);
} }
private function isRememberTokenValid() {
$rememberToken = Controller::request('rememberToken');
if ($rememberToken) {
$sessionCookie = SessionCookie::getDataStore($rememberToken, 'token');
$userid = Controller::request('userId');
if ($sessionCookie !== null && $userid === $sessionCookie->user->id) {
$this->userInstance = $sessionCookie->user;
return true;
}
}
}
private function createUserSession() { private function createUserSession() {
$this->getSession()->createSession($this->userInstance->id); $this->getSession()->createSession($this->userInstance->id);
} }
@ -46,7 +62,8 @@ class LoginController extends Controller {
return array( return array(
'userId' => $userInstance->id, 'userId' => $userInstance->id,
'userEmail' => $userInstance->email, 'userEmail' => $userInstance->email,
'token' => $this->getSession()->getToken() 'token' => $this->getSession()->getToken(),
'rememberToken' => $this->rememberToken
); );
} }
@ -68,4 +85,19 @@ class LoginController extends Controller {
return $this->session; return $this->session;
} }
private function createSessionCookie(){
$remember = Controller::request('remember');
if ($remember) {
$this->rememberToken = Hashing::generateRandomToken();
$sessionCookie = new SessionCookie();
$sessionCookie->setProperties(array(
'user' => $this->userInstance->getBeanInstance(),
'token' => $this->rememberToken,
'ip' => $_SERVER['REMOTE_ADDR'],
'creationDate' => date('d-m-Y (H:i:s)')
));
$sessionCookie->store();
}
}
} }
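Review bot: In `isRememberTokenValid()` a stored remember token is accepted with no time limit: `createSessionCookie()` never sets the `expirationDate` property that `SessionCookie::getProps()` declares, and nothing on this page checks it or retires the token once it has been used. A token/userId pair that leaks would stay usable as a password-equivalent credential until the row is removed by hand. I would set `'expirationDate'` next to `'creationDate'` in the `setProperties()` call, reject the cookie when that date has passed, and replace the token with a fresh one on each successful token login. The method also falls off the end without a value on every failure path; an explicit `return false;` after the outer `if` would make the boolean contract clear.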


@ -7,4 +7,7 @@ class Hashing {
public static function verifyPassword($password, $hash) { public static function verifyPassword($password, $hash) {
return password_verify($password, $hash); return password_verify($password, $hash);
} }
public static function generateRandomToken() {
return md5(uniqid(rand()));
}
} }
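Review bot: `generateRandomToken()` builds its value from `md5(uniqid(rand()))`, which is not a cryptographically secure source: `uniqid()` is derived from the current time and `rand()` is a non-cryptographic generator, and hashing the result with MD5 adds no entropy. This commit makes the helper the source of long-lived remember tokens as well as session tokens, so the output should come from a CSPRNG. On PHP 7 or later `return bin2hex(random_bytes(16));` keeps the same 32-hex-character shape; on older runtimes `openssl_random_pseudo_bytes(16)` is the usual substitute (the PHP version this project targets is not visible here). The class continues outside the hunk.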


@ -65,6 +65,6 @@ class Session {
} }
private function generateToken() { private function generateToken() {
return md5(uniqid(rand())); return Hashing::generateRandomToken();;
} }
} }
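Review bot: The new line in `generateToken()` ends with a doubled semicolon, `return Hashing::generateRandomToken();;`; the second one is an empty statement and should be dropped. A one-line comment such as `// Session tokens share the generator used for remember tokens.` would also help, since any change to `Hashing::generateRandomToken()` now affects both kinds of token. The rest of the `Session` class is outside the hunk.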


@ -0,0 +1,19 @@
<?php
class SessionCookie extends DataStore {
const TABLE = 'sessioncookie';
public static function getProps() {
return array (
'user',
'token',
'ip',
'creationDate',
'expirationDate'
);
}
protected function getDefaultProps() {
return array();
}
}
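Review bot: `SessionCookie` has no class comment, and its name suggests an HTTP cookie while the only visible callers use it as the persistent store for remember-me tokens; a docblock such as `/** Persistent remember-me token issued at login; 'token' is the value the client presents back. */` would remove the ambiguity. The comment should also say whether `token` holds the raw value. As written in `LoginController::createSessionCookie()` it does, so anyone able to read the `sessioncookie` table obtains usable tokens; storing a hash of the token and looking the row up by that hash would avoid this.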


@ -0,0 +1,29 @@
<?php
class Session extends \Mock {
public static $functionList = array();
public static function initStubs() {
self::setStatics(array(
'hashPassword' => parent::stub()->returns('HASHED_PASSword'),
'verifyPassword' => parent::stub()->returns(true),
'generateRandomToken' => parent::stub()->returns('TEST_TOKEN')
));
}
public static function mockInstanceFunction($functionName, $functionMock) {
self::getInstance()->{$functionName} = $functionMock;
}
private static function getInstanceMock() {
return new \Mock(array(
'initSession' => parent::stub(),
'closeSession' => parent::stub(),
'createSession' => parent::stub(),
'getToken' => parent::stub()->returns('TEST_TOKEN'),
'sessionExists' => parent::stub()->returns(false),
'checkAuthentication' => parent::stub()->returns(true),
'isLoggedWithId' => parent::stub()->returns(true),
));
}
}
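Review bot: This mock is declared as `class Session`, but `initStubs()` stubs `hashPassword`, `verifyPassword` and `generateRandomToken`, which elsewhere on this page are static methods of `Hashing`. If the file is meant to be the `Hashing` mock, the class name and the session-specific `getInstanceMock()` look like leftovers copied from the `Session` mock, and `Hashing::generateRandomToken()` would not actually be stubbed in tests. Separately, `mockInstanceFunction()` calls `self::getInstance()` while the only factory defined here is the private `getInstanceMock()`; it is presumably wired up by `\Mock`, which is not shown, so a short comment stating that relationship would help.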


@ -38,7 +38,8 @@ class LoginControllerTest extends PHPUnit_Framework_TestCase {
$this->assertTrue(Response::get('respondSuccess')->hasBeenCalledWithArgs(array( $this->assertTrue(Response::get('respondSuccess')->hasBeenCalledWithArgs(array(
'userId' => 'MOCK_ID', 'userId' => 'MOCK_ID',
'userEmail' => 'MOCK_EMAIL', 'userEmail' => 'MOCK_EMAIL',
'token' => 'TEST_TOKEN' 'token' => 'TEST_TOKEN',
'rememberToken' => null
))); )));
} }
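Review bot: The only unit-test change is the extra `'rememberToken' => null` key in the expected response, so neither new branch of `LoginController` is exercised here. I would add cases for a request with `remember` set (the response carries the generated token and `SessionCookie::store()` is called), for a valid `rememberToken`/`userId` pair, and for a token whose stored user id differs from the submitted `userId`, which must respond with failure. The test method shown starts outside the hunk.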


@ -9,4 +9,5 @@ require './scripts.rb'
# TESTS # TESTS
require './user/signup.rb' require './user/signup.rb'
require './ticket/create.rb' require './user/login.rb'
#require './ticket/create.rb'
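Review bot: The line `#require './ticket/create.rb'` appears to switch the ticket-creation specs off as a side effect of adding `require './user/login.rb'`, with no reason given. Since this lands through a merge, the suite would stop covering `/ticket/create` without anyone noticing. Either restore `require './ticket/create.rb'` or replace the commented-out line with a comment that says why the specs are disabled and when they return.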


@ -1,25 +1,48 @@
describe '/user/login' do describe '/user/login' do
before do
@loginEmail = 'login@os4.com' @loginEmail = 'login@os4.com'
@loginPass = 'loginpass' @loginPass = 'loginpass'
Scripts.createUser(@loginEmail, @loginPass) Scripts.createUser(@loginEmail, @loginPass)
end
it 'should fail if password is incorrect' do it 'should fail if password is incorrect' do
result = request('/user/login', { result = request('/user/login', {
email: @loginEmail, email: @loginEmail,
pass: 'some_incorrect_password' password: 'some_incorrect_password'
}) })
(result['status']).should.equal('fail') (result['status']).should.equal('fail')
end end
it 'should login correctly' do # it 'should login correctly' do
# end
# it 'should fail if already logged in' do
# end
it 'should return remember token' do
request('/user/logout', {})
result = request('/user/login', {
email: @loginEmail,
password: @loginPass,
remember: true
})
(result['status']).should.equal('success')
@rememberToken = result['data']['rememberToken']# falta comproversion
@userid = result['data']['userId']
end end
it 'should fail if already logged in' do it 'should login with token' do
request('/user/logout', {})
result = request('/user/login', {
rememberToken: @rememberToken,
userId: @userid
})
(result['status']).should.equal('success')
(result['data']['userId']).should.equal(@userid)
end end
end end
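Review bot: The remember-token specs cover only the success path, and the inline note `# falta comproversion` ("check missing") marks that the returned token is never asserted; adding `(result['data']['rememberToken']).should.not.equal(nil)` in 'should return remember token' would close that gap. There is no spec showing that an unknown token, or a valid token sent with a different `userId`, yields `'fail'`, which is the behaviour that protects the account. 'should login with token' also relies on `@rememberToken` and `@userid` set by the previous `it` block, so it cannot run on its own. Finally, moving `Scripts.createUser` into `before do` runs it before every spec with the same e-mail address; whether the repeated call is harmless depends on `createUser`, which is not shown.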