public function testStartInvalidFingerprint()
 {
     $handler = new \FabysCore\Component\Session\Handler\NativeSessionHandler();
     $arraySession = new \FabysCore\Component\Session\Type\ArraySession($handler);
     $arraySession->set("test", "value");
     $request = \FabysCore\Component\HTTP\ServerRequest::createNew([], [], [], [], ["HTTP_USER_AGENT" => "test", "REMOTE_ADDR" => "127.0.0.1", "REQUEST_METHOD" => "GET", "HTTP_HOST" => "localhost", "REQUEST_URI" => "/", "SCRIPT_NAME" => "index.php"]);
     $response = new \FabysCore\Component\HTTP\Response();
     $session = new \FabysCore\Component\Session\Session($arraySession, 60);
     $called = false;
     $session->init($request, $response, function (\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response) use(&$called) {
         $called = true;
     });
     $this->assertTrue($called);
     $this->assertTrue($session->start());
     $this->assertEquals("value", $session->get("test"));
     $fingerPrint = $session->get("fabyscore._sessfingerprint");
     $this->assertNotEmpty($fingerPrint);
     $request = \FabysCore\Component\HTTP\ServerRequest::createNew([], [], [], [], ["HTTP_USER_AGENT" => "changed", "REMOTE_ADDR" => "127.0.0.1", "REQUEST_METHOD" => "GET", "HTTP_HOST" => "localhost", "REQUEST_URI" => "/", "SCRIPT_NAME" => "index.php"]);
     $session2 = new \FabysCore\Component\Session\Session($arraySession, 60);
     $called = false;
     $session2->init($request, $response, function (\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response) use(&$called) {
         $called = true;
     });
     $this->assertTrue($called);
     $this->assertTrue($session2->start());
     $this->assertNull($session->get("test"));
     $this->assertNotEquals($fingerPrint, $session->get("fabyscore._sessfingerprint"));
 }
 /**
  * adds the user data to the session
  * 
  * @param UserInterface $user
  * @param bool $rememberMe
  * @return bool
  */
 private function setSessionData(UserInterface $user, bool $rememberMe = false)
 {
     // process remember me
     if ($rememberMe) {
         $rememberMeToken = new RememberMeToken($user->getId(), $this->loginToken->getToken());
         $this->loginToken->setRememberMeToken(password_hash($rememberMeToken->getToken(), PASSWORD_BCRYPT));
         $rememberMeExpire = time() + $this->rememberMeLifetime;
         $this->loginToken->setRememberMeExpire($rememberMeExpire);
         $this->setRememberCookie(base64_encode($rememberMeToken->toString()), $rememberMeExpire);
     }
     // set session keys
     $this->session->regenerate();
     $this->session->set("security._user", $user->getId());
     $this->session->set("security._logintoken", $this->loginToken->getToken());
     return true;
 }
 /**
  * generates the csrf token
  *
  * @param string $formId
  * @return string
  */
 public function generateToken(string $formId)
 {
     return hash("sha256", $formId . $this->session->getSessionId() . $this->secret);
 }