Starting to remove magical login process.
Updating tests to actually test the methods they are named after.
parent
d8f2cf9395
commit
dc8c99308e
2 changed files with 27 additions and 77 deletions
|
@ -333,29 +333,11 @@ class AuthComponent extends Component {
|
|||
}
|
||||
|
||||
if ($loginAction == $url) {
|
||||
$model = $this->getModel();
|
||||
if (empty($request->data) || !isset($request->data[$model->alias])) {
|
||||
if (empty($request->data)) {
|
||||
if (!$this->Session->check('Auth.redirect') && !$this->loginRedirect && env('HTTP_REFERER')) {
|
||||
$this->Session->write('Auth.redirect', $controller->referer(null, true));
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
$isValid = !empty($request->data[$model->alias][$this->fields['username']]) &&
|
||||
!empty($request->data[$model->alias][$this->fields['password']]);
|
||||
|
||||
if ($isValid) {
|
||||
if ($this->login()) {
|
||||
if ($this->autoRedirect) {
|
||||
$controller->redirect($this->redirect(), null, true);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
$this->flash($this->loginError);
|
||||
$request->data[$model->alias][$this->fields['password']] = null;
|
||||
return false;
|
||||
} else {
|
||||
if (!$this->user()) {
|
||||
if (!$request->is('ajax')) {
|
||||
|
|
|
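Review bot: With the automatic login branch taken out of `startup()`, nothing left in this hunk clears the submitted password from `$request->data` or flashes `loginError` after a failed attempt; the old branch did both (`$request->data[$model->alias][$this->fields['password']] = null;`). That duty presumably moves to each controller's login action, so a failed login can re-render the form with the submitted password still in the request data unless the action clears it. The page has lost its +/- markers, so which lines survive is inferred from the hunk header counts, and the rest of `startup()` lies outside the hunk; it should be confirmed that a non-empty POST to the login action is neither bounced back to login nor passed through the later authorization checks by accident. I would document the new contract above the branch, e.g. `// Login is no longer attempted here: the login action must call $this->Auth->login() itself and clear the password field on failure.`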
@ -505,6 +505,8 @@ class AuthTest extends CakeTestCase {
|
|||
|
||||
$this->initialized = true;
|
||||
Router::reload();
|
||||
|
||||
ClassRegistry::init('AuthUser')->updateAll(array('password' => '"' . Security::hash('cake', null, true) . '"'));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -560,71 +562,37 @@ class AuthTest extends CakeTestCase {
|
|||
* @return void
|
||||
*/
|
||||
function testLogin() {
|
||||
$this->AuthUser = new AuthUser();
|
||||
$user['id'] = 1;
|
||||
$user['username'] = 'mariano';
|
||||
$user['password'] = Security::hash(Configure::read('Security.salt') . 'cake');
|
||||
$this->AuthUser->save($user, false);
|
||||
$this->getMock('FormAuthenticate', array(), array(), 'AuthLoginFormAuthenticate', false);
|
||||
$this->Controller->Auth->authenticate = array(
|
||||
'AuthLoginForm' => array(
|
||||
'userModel' => 'AuthUser'
|
||||
)
|
||||
);
|
||||
$mocks = $this->Controller->Auth->constructAuthenticate();
|
||||
$this->mockObjects[] = $mocks[0];
|
||||
|
||||
$authUser = $this->AuthUser->find();
|
||||
|
||||
$this->Controller->request->data['AuthUser'] = array(
|
||||
'username' => $authUser['AuthUser']['username'], 'password' => 'cake'
|
||||
$this->Controller->Auth->request->data = array(
|
||||
'AuthUser' => array(
|
||||
'username' => 'mark',
|
||||
'password' => Security::hash('cake', null, true)
|
||||
)
|
||||
);
|
||||
|
||||
$this->Controller->request->addParams(Router::parse('auth_test/login'));
|
||||
$this->Controller->request->query['url'] = 'auth_test/login';
|
||||
|
||||
$this->Controller->Auth->initialize($this->Controller);
|
||||
|
||||
$this->Controller->Auth->loginAction = 'auth_test/login';
|
||||
$this->Controller->Auth->userModel = 'AuthUser';
|
||||
|
||||
$this->Controller->Auth->startup($this->Controller);
|
||||
$user = $this->Controller->Auth->user();
|
||||
$expected = array(
|
||||
$user = array(
|
||||
'id' => 1,
|
||||
'username' => 'mariano',
|
||||
'created' => '2007-03-17 01:16:23',
|
||||
'updated' => date('Y-m-d H:i:s')
|
||||
);
|
||||
$this->assertEqual($user, $expected);
|
||||
$this->Controller->Session->delete('Auth');
|
||||
|
||||
$this->Controller->request->data['AuthUser'] = array(
|
||||
'username' => 'blah',
|
||||
'password' => ''
|
||||
'username' => 'mark'
|
||||
);
|
||||
|
||||
$this->Controller->Auth->startup($this->Controller);
|
||||
$mocks[0]->expects($this->once())
|
||||
->method('authenticate')
|
||||
->with($this->Controller->Auth->request)
|
||||
->will($this->returnValue($user));
|
||||
|
||||
$user = $this->Controller->Auth->user();
|
||||
$this->assertNull($user);
|
||||
$this->Controller->Session->delete('Auth');
|
||||
$result = $this->Controller->Auth->login();
|
||||
$this->assertTrue($result);
|
||||
|
||||
$this->Controller->request->data['AuthUser'] = array(
|
||||
'username' => 'now() or 1=1 --',
|
||||
'password' => ''
|
||||
);
|
||||
|
||||
$this->Controller->Auth->startup($this->Controller);
|
||||
|
||||
$user = $this->Controller->Auth->user();
|
||||
$this->assertNull($user);
|
||||
$this->Controller->Session->delete('Auth');
|
||||
|
||||
$this->Controller->request->data['AuthUser'] = array(
|
||||
'username' => 'now() or 1=1 #something',
|
||||
'password' => ''
|
||||
);
|
||||
|
||||
$this->Controller->Auth->startup($this->Controller);
|
||||
|
||||
$user = $this->Controller->Auth->user();
|
||||
$this->assertNull($user);
|
||||
$this->Controller->Session->delete('Auth');
|
||||
|
||||
$this->Controller->Session->delete('Auth');
|
||||
$this->assertTrue($this->Controller->Auth->loggedIn());
|
||||
$this->assertEquals($user, $this->Controller->Auth->user());
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
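Review bot: The rewritten `testLogin` appears to drop every negative case the old version carried (the empty-password attempt and the two `now() or 1=1` usernames that asserted `user()` stays null), and because `authenticate` is now a mock that always returns a user, only the success path of `login()` is pinned. Which lines are removed is inferred from the hunk counts, since the page lost its +/- markers. I would add a sibling case where the mock is set up with `->will($this->returnValue(false))` and the test ends in `$this->assertFalse($this->Controller->Auth->login());`, and confirm that the injection-shaped usernames are still exercised against the real `FormAuthenticate` in its own test file. In the setup hunk, the hand-quoted `'"' . Security::hash('cake', null, true) . '"'` passed to `updateAll()` depends on the database accepting double-quoted string literals; quoting through the datasource's `value()` method would keep the fixture portable.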