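/**
 * Test that login() stores a fresh hash when the existing one is no longer
 * considered secure, and that it records the commentator in the session.
 *
 * The password object is stubbed so that verifyPassword() succeeds against the
 * stored hash, isSecurePassword() reports false and getHash() yields the
 * replacement hash that login() is expected to hand to updatePassword().
 */
public function testLoginUpdatesPasswordIfNecessaryAndSetsSession()
{
    $mockCommentatorId = 1;
    $mockUsername = '******';
    $mockPassword = '******';
    $mockHash = 'gibberish';
    $mockHash2 = 'gibberishupdate';

    $mockProvidedData = ['username' => $mockUsername, 'password' => $mockPassword];
    $mockUserRecord = [
        'username' => $mockUsername,
        'password_hash' => $mockHash,
        'commentator_id' => $mockCommentatorId,
    ];
    $mockSessionArgs = ['username' => $mockUsername, 'commentator_id' => $mockCommentatorId];

    $mockApp = m::mock(\Silex\Application::class)->makePartial();

    // Mockery expectations default to "zero or more" calls, so without an
    // explicit count this test would pass even if login() never wrote the
    // session. once() makes the session write part of what is verified.
    $mockSessionObject = m::mock(\stdClass::class);
    $mockSessionObject->shouldReceive('set')->once()->with('commentator', $mockSessionArgs);

    $mockDataObject = m::mock(CommentatorData::class, [$mockApp]);
    $mockDataObject->shouldReceive('fetchCommentatorByUsername')
        ->with($mockUsername)
        ->andReturn($mockUserRecord);
    // The re-hash is the behaviour under test: require exactly one call that
    // stores the upgraded hash for this commentator, so a regression that
    // silently skips the upgrade fails the test.
    $mockDataObject->shouldReceive('updatePassword')->once()->with($mockCommentatorId, $mockHash2);
    $mockDataObject->shouldReceive('getSession')->andReturn($mockSessionObject);

    $mockPasswordObject = m::mock(Password::class);
    $mockPasswordObject->shouldReceive('verifyPassword')
        ->with($mockPassword, $mockHash)
        ->andReturn(true);
    $mockPasswordObject->shouldReceive('getHash')->andReturn($mockHash2);
    $mockPasswordObject->shouldReceive('isSecurePassword')->andReturn(false);

    $object = new CommentatorApi($mockDataObject);
    $object->setPasswordObject($mockPasswordObject);

    // NOTE(review): call counts are only checked when Mockery::close() runs
    // (usually in tearDown or via Mockery's PHPUnit integration) - confirm the
    // test case does that, otherwise the once() expectations are never enforced.
    $object->login($mockProvidedData);
}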
/**
 * Process a submitted login form for the given kind of user.
 *
 * Picks the API object matching $user, runs login() on the posted form data
 * and reports the outcome through the session flash bag. An unknown $user
 * value is rejected before any login attempt is made.
 *
 * @param Application $app
 * @param string $user either 'author' or 'commentator'
 *
 * @return \Symfony\Component\HttpFoundation\RedirectResponse|Response
 */
public function validateLogin(Application $app, $user)
{
    switch ($user) {
        case 'author':
            $api = new AuthorApi(new AuthorData($app));
            break;
        case 'commentator':
            $api = new CommentatorApi(new CommentatorData($app));
            break;
        default:
            // Anything else is not a login type this controller knows about.
            $app['session']->getFlashBag()->add('message', 'Unknown user login attempt.');

            return $this->index($app);
    }

    $api->setPasswordObject(new Password());

    $loggedIn = null;
    $reason = null;
    try {
        // NOTE(review): the raw $_POST superglobal is handed over unfiltered,
        // so all validation of the submitted fields rests on login().
        $loggedIn = $api->login($_POST);
    } catch (\InvalidArgumentException $e) {
        $reason = $e->getMessage();
    } catch (\UnexpectedValueException $e) {
        $reason = $e->getMessage();
    }

    if ($loggedIn) {
        // NOTE(review): no session id regeneration is visible in this method;
        // confirm login() or the session layer rotates the id on success.
        $app['session']->getFlashBag()->add('message', 'Successfully logged in.');

        return $this->index($app);
    }

    $app['session']->getFlashBag()->add('message', 'Failed logging in. Reason: ');
    if ($reason !== null) {
        // NOTE(review): the exception text is shown to the visitor as-is;
        // confirm login() uses the same wording for an unknown username and a
        // wrong password so the form does not reveal which accounts exist.
        $app['session']->getFlashBag()->add('message', $reason);
    }

    // A failed attempt re-renders the login form instead of redirecting.
    return $this->viewLogin($app, $user);
}