aboutsummaryrefslogtreecommitdiffstats
path: root/tests/session/session_key_test.php
blob: bf3dfcaa3cb5020b89fc626b9363a000441adf66 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/

require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
require_once dirname(__FILE__) . '/../test_framework/phpbb_session_test_case.php';

class phpbb_session_login_keys_test extends phpbb_session_test_case
{
	protected $user_id = 4;
	protected $key_id = 4;

	public function getDataSet()
	{
		return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/sessions_key.xml');
	}

	public function test_set_key_manually()
	{
		// With AutoLogin setup
		$this->session_factory->merge_config_data(array('allow_autologin' => true));
		$session = $this->session_factory->get_session($this->db);

		// Using a user_id and key that is already in the database
		$session->cookie_data['u'] = $this->user_id;
		$session->cookie_data['k'] = $this->key_id;

		// Try to access session with the session key
		$session->session_create(false, false, false);
		$this->assertEquals($this->user_id, $session->data['user_id'], 'User should be logged in by the session key');
	}

	public function test_reset_keys()
	{
		// With AutoLogin setup
		$this->session_factory->merge_config_data(array('allow_autologin' => true));
		$session = $this->session_factory->get_session($this->db);

		// Reset of the keys for this user
		$session->reset_login_keys($this->user_id);

		// Using a user_id and key that was in the database (before reset)
		$session->cookie_data['u'] = $this->user_id;
		$session->cookie_data['k'] = $this->key_id;

		// Try to access session with the session key
		$session->session_create(false, false, $this->user_id);
		$this->assertNotEquals($this->user_id, $session->data['user_id'], 'User is not logged in because the session key is invalid');

		$session->session_create($this->user_id, false, false);
		$this->assertEquals($this->user_id, $session->data['user_id'], 'User should be logged in because we create a new session');
	}
}