/**
 * Checks the markup Honeypot::compile() produces for a field named "test".
 *
 * The expected output is a text input wrapped in a div that carries an inline
 * "display: none" style, so the field is part of the form but is not rendered
 * for a person filling it in.
 *
 * NOTE(review): the hiding depends on an inline style attribute. A
 * Content-Security-Policy that does not allow inline styles would block it and
 * show the trap field to real users; confirm against the deployment's CSP.
 */
public function testCompile()
{
    $honeypot = new Honeypot("test", "Test");
    $actualMarkup = $honeypot->compile();

    $expectedMarkup = "<div class=\"honeypot\" style=\"display: none;\"><input type=\"text\" name=\"test\" value=\"\" /></div>";

    $this->assertEquals($expectedMarkup, $actualMarkup);
}
/**
 * A visitor can submit the contact form and the message is handed to the mailer.
 *
 * Mail is intercepted with MailThief so the sent message can be inspected, and
 * the honeypot check is switched off before the form is filled in.
 *
 * NOTE(review): Honeypot::disable() is a static call, so it looks like a
 * process-wide switch; confirm it is reset between tests and cannot be reached
 * outside the test suite. This test does not cover the path where the honeypot
 * stays enabled and a filled trap field is rejected.
 *
 * @test
 */
public function it_allows_send_a_contact_message()
{
    MailThief::hijack();
    Honeypot::disable();

    // Fill in every visible field of the contact form.
    $filledForm = $this->visit(route('contact.show'))
        ->type('John Doe', 'name')
        ->type('*****@*****.**', 'email')
        ->type('Contract', 'subject')
        ->type('PHP Interfaces are important.', 'text');

    // Submit and expect the translated success message on the resulting page.
    $filledForm->press('Send')
        ->see(trans('contact::contact.send_successfully'));

    // The intercepted mail must carry the subject and sender address typed above.
    $this->assertTrue(MailThief::hasMessageFor('*****@*****.**'));
    $this->assertEquals('Contract', MailThief::lastMessage()->subject);
    $this->assertEquals('*****@*****.**', MailThief::lastMessage()->data['email']);
}
/**
 * A newly registered account must not be able to log in before it is verified
 * (per the test name; the verification step itself is not visible here).
 *
 * The test checks two things: the login page shows an 'alert-danger' element,
 * and the session is still a guest session. The second assertion matters
 * because an error banner alone would not prove that no session was created.
 *
 * @test
 */
public function it_not_allow_to_login_without_verify()
{
    // Register a user. The honeypot check is switched off first;
    // registerUser() is a helper defined outside this block.
    Honeypot::disable();
    $formUser = $this->registerUser();

    // Attempt to log in with the credentials that were just registered.
    $loginForm = $this->visit('/login')
        ->type($formUser->email, 'email')
        ->type($formUser->password, 'password');

    $loginForm->press(trans('user::user.login'))
        ->see('alert-danger');

    // 'User is logged in' is the failure message shown if a session exists.
    $this->assertTrue(Auth::guest(), 'User is logged in');
}
/**
 * Handles a posted login attempt and returns the response to send.
 *
 * Order of checks, as implemented below:
 *   1. anti-forgery token, then honeypot; a failure of either returns
 *      Response::fiveHundred()
 *   2. the 'userIsLoggingIn' hook is run
 *   3. a session that is already logged in is redirected to new Link("")
 *   4. a missing username or password shows the login error message
 *   5. a locked-out client address is redirected to users/login
 *   6. credentials are checked; failure is logged as a warning and shows the
 *      same error message as step 4, success is logged as info
 *
 * NOTE(review): the lockout lookup and both log entries use
 * $_SERVER['REMOTE_ADDR']. Behind a reverse proxy or load balancer that is the
 * proxy's address, which would make the lockout apply to every client at once
 * and the log entries useless for attribution; confirm the deployment topology.
 *
 * NOTE(review): nothing in this method records the failed attempt with the
 * lockout engine or renews the session identifier after success; presumably
 * $user->logIn() does both. Verify.
 *
 * @return mixed the value produced by Response::fiveHundred(),
 *               Response::redirect() or $this->showErrorMessage()
 */
private function doLogIn()
{
    // Request-authenticity checks come first; the honeypot is only evaluated
    // when the anti-forgery token has already passed.
    if (!AntiForgeryToken::getInstance()->validate() || !Honeypot::getInstance()->validate()) {
        return Response::fiveHundred();
    }

    $hooks = HookEngine::getInstance();
    $hooks->runAction('userIsLoggingIn');

    $currentUser = CurrentUser::getUserSession();
    if ($currentUser->isLoggedIn()) {
        return Response::redirect(new Link(""));
    }

    $username = Request::getPostParameter("username");
    $password = Request::getPostParameter("password");
    if (!$username || !$password) {
        return $this->showErrorMessage();
    }

    $lockouts = LockoutEngine::getInstance();
    if ($lockouts->isLockedOut($_SERVER['REMOTE_ADDR'])) {
        return Response::redirect(new Link("users/login"));
    }

    $logger = Logger::getInstance();

    // Strip markup and all whitespace from the submitted name before it is
    // used for the credential check and written to the log.
    $withoutTags = strip_tags($username);
    $username = preg_replace('/\\s+/', '', $withoutTags);

    if (!$currentUser->logIn($username, $password)) {
        // NOTE(review): the submitted username goes into the log message.
        // Whitespace and tags are gone, so it cannot add line breaks, but it is
        // still client-controlled text (and occasionally a mistyped password);
        // confirm the log viewer escapes it and that log access is restricted.
        $failureMessage = 'Someone failed to log into ' . $username . '\'s account from IP:' . $_SERVER['REMOTE_ADDR'];
        $logger->logIt(new LogEntry(0, logEntryType::warning, $failureMessage, 0, new DateTime()));

        return $this->showErrorMessage();
    }

    // Re-read the session so the log entry describes the authenticated user.
    $loggedInUser = CurrentUser::getUserSession();
    $successMessage = 'A new session was opened for ' . $loggedInUser->getFullName() . ', who has an IP of ' . $_SERVER['REMOTE_ADDR'] . '.';
    $logger->logIt(new LogEntry(0, logEntryType::info, $successMessage, $loggedInUser->getUserID(), new DateTime()));

    $hooks->runAction('userLoggedIn');

    return Response::redirect(new Link(""));
}
/**
 * Accessor for the shared honeypot object.
 *
 * @return mixed whatever Honeypot::getInstance() returns
 */
public function Honeypot()
{
    $honeypot = Honeypot::getInstance();

    return $honeypot;
}
/**
 * A visitor can complete the registration form and sees a success alert.
 *
 * The form data comes from the 'form' variant of the User factory; make()
 * builds the model without saving it, so the account only exists if the
 * submitted form creates it.
 *
 * NOTE(review): Honeypot::disable() is a static call, so it looks like a
 * process-wide switch; confirm it is reset between tests. This test only
 * covers registration with the honeypot switched off.
 *
 * @test
 */
public function it_allows_to_register_user()
{
    Honeypot::disable();
    $candidate = factory(User::class, 'form')->make();

    // Open the page and fill in the four registration fields.
    $registrationForm = $this->visit('/register')
        ->see('Register')
        ->type($candidate->username, 'username')
        ->type($candidate->email, 'email')
        ->type($candidate->password, 'password')
        ->type($candidate->password, 'password_confirmation');

    // Submit and expect the success alert on the resulting page.
    $registrationForm->press(trans('user::user.register'))
        ->see('alert-success');
}
/**
 * Processes the posted second step of the forgot-password flow and, when every
 * check passes, sets the new password and removes the reset request.
 *
 * Checks, in the order they run:
 *   1. the request must be a POST (otherwise 404)
 *   2. anti-forgery token, then honeypot (otherwise 500)
 *   3. token, email, newPassword and confirmNewPassword must all be posted
 *      (otherwise 500)
 *   4. the posted token, stripped of tags and whitespace, must equal $inParam2
 *      (otherwise 500)
 *   5. a reset request must exist for that token (otherwise 500) and be of
 *      valid age (otherwise 404)
 *   6. the posted email must validate, belong to a user, and that user's reset
 *      request must be of valid age and be the same record as the one found by
 *      token; any failure shows one shared identity error message
 *   7. both passwords must match and resetUsersPassword() must succeed
 *
 * Step 6 binds the token to the account named by the submitter: holding a
 * valid token is not enough without the matching email address.
 *
 * NOTE(review): an unknown token yields a 500 and an expired one a 404, so the
 * status code tells the client which of the two applies; confirm that is
 * intended.
 *
 * NOTE(review): no attempt limiting is visible in this method; confirm repeated
 * submissions are throttled elsewhere.
 *
 * @param mixed $inParam2 value the posted token must equal; presumably the
 *                        token taken from the request URL, confirm against
 *                        the caller
 * @return void the outcome is stored in $this->response or issued through
 *              $this->redirectOnError()
 */
private function secondStepPost($inParam2)
{
    if (!$this->request->isPostRequest()) {
        $this->response = Response::fourOhFour();
        return;
    }

    // The honeypot is only evaluated once the anti-forgery token has passed.
    if (!AntiForgeryToken::getInstance()->validate() || !Honeypot::getInstance()->validate()) {
        $this->response = Response::fiveHundred();
        return;
    }

    $token = Request::getPostParameter('token');
    $email = Request::getPostParameter('email');
    $newPassword = Request::getPostParameter('newPassword');
    $confirmNewPassword = Request::getPostParameter('confirmNewPassword');

    // A strict false marks a parameter as missing; an empty string passes.
    if ($token === false || $email === false || $newPassword === false || $confirmNewPassword === false) {
        $this->response = Response::fiveHundred();
        return;
    }

    $token = preg_replace('/\\s+/', '', strip_tags($token));
    if ($inParam2 !== $token) {
        $this->response = Response::fiveHundred();
        return;
    }

    $resetEngine = ForgotPasswordEngine::getInstance();
    $requestByToken = $resetEngine->getForgotPasswordByToken($token);
    if ($requestByToken === false) {
        $this->response = Response::fiveHundred();
        return;
    }

    if (!$resetEngine->forgotPasswordIsOfValidAge($requestByToken)) {
        $this->response = Response::fourOhFour();
        return;
    }

    // Every identity failure below gives the same message and redirect, so the
    // response does not say which of the checks rejected the submission.
    $rejectIdentity = function () use ($inParam2) {
        $this->showErrorMessageForForgotPasswordIdentity();
        $this->redirectOnError($inParam2);
    };

    $username = preg_replace('/\\s+/', '', strip_tags($email));
    $validator = new emailValidator();
    if (!$validator->validate($username)) {
        $rejectIdentity();
        return;
    }

    $user = UserEngine::getInstance()->getUserByEmail($username);
    if ($user === false) {
        $rejectIdentity();
        return;
    }

    $requestByUser = $resetEngine->getForgotPasswordByUserID($user->getUserID());
    if ($requestByUser === false) {
        $rejectIdentity();
        return;
    }

    // The request found by token and the one found by user must be the same,
    // still-valid record, cross-verified in both directions.
    $recordsDisagree = !$resetEngine->forgotPasswordIsOfValidAge($requestByUser)
        || $requestByToken->getID() !== $requestByUser->getID()
        || !$requestByToken->verify($requestByUser->getToken(), $requestByUser->getUserID())
        || !$requestByUser->verify($requestByToken->getToken(), $requestByToken->getUserID());
    if ($recordsDisagree) {
        $rejectIdentity();
        return;
    }

    $minimumPasswordLength = $resetEngine->getMinimumPasswordLength();

    // resetUsersPassword() is only called when the two passwords match.
    // NOTE(review): the minimum length is not checked here; presumably
    // resetUsersPassword() enforces it. Verify.
    $resetFailed = $newPassword !== $confirmNewPassword
        || !$resetEngine->resetUsersPassword(
            $requestByToken->getToken(),
            $requestByUser->getUserID(),
            $newPassword,
            $confirmNewPassword
        );
    if ($resetFailed) {
        $this->showErrorMessageForForgotPasswordNonMatch($minimumPasswordLength);
        $this->redirectOnError($inParam2);
        return;
    }

    // The reset request is removed after use, so the token cannot be replayed.
    $resetEngine->removeForgotPassword($requestByToken);
    $this->showSuccessMessageForForgotPasswordChange();
    $this->response = Response::redirect(new Link("users/login"));
}