public function _init() { Session::config(array( 'flash_message' => array( 'adapter' => '\lithium\tests\mocks\storage\session\adapter\MockPhp' ) )); }
/** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. */ use lithium\storage\Session; use lithium\core\Libraries; /** * This ensures any other library (loaded first) applies its config * and it remains. Running Session::config(array(...)) again will * overwrite the original configuration. * Therefore, we get the current configuration and append it to * Lithium Bootstrap's default, which is a very common and basic * confiuration. This prevents each library from needing to set * a session configuration and gives a default that each library * can assume will be available. * * Yes, it is a good idea for your libraries with special session * needs to use uniquely named configurations. It is also wise * to run the same type of append method as you see below in order * to ensure you are not overwriting any session configurations * set by other libraries that may have been loaded before yours. */ $config = Session::config(); $config += array('cookie' => array('adapter' => 'Cookie'), 'default' => array('adapter' => 'Php'), 'flash_message' => array('adapter' => 'Php')); // Allow the session configuration to be set in the Libraries::add() call for li3b_core. $li3bCoreConfig = Libraries::get('li3b_core'); if (isset($li3bCoreConfig['session'])) { $config = $li3bCoreConfig['session']; } Session::config($config);
public function testHmacStrategyOnNonExistKey() { Session::config(array('primary' => array('adapter' => new Memory(), 'strategies' => array('Hmac' => array('secret' => 's3cr3t'))))); $this->assertEmpty(Session::read('test')); Session::write('test', 'value'); $result = Session::read('test'); $expected = 'value'; $this->assertEqual($expected, $result); }
public function setUp() { Session::config(array('default' => array('adapter' => 'Memory'))); }
public function testEncryptStrategyWithPhpAdapter() { $config = array('name' => 'encryptInt'); Session::config(array($config['name'] => array('adapter' => 'Php', 'strategies' => array('Encrypt' => array('secret' => 's3cr3t'))))); Session::clear($config); $key = 'test'; $value = 'value'; $this->assertTrue(Session::write($key, $value, $config)); $this->assertEqual($value, Session::read($key, $config)); $this->assertTrue(Session::delete($key, $config)); $this->assertNull(Session::read($key, $config)); Session::clear($config); $this->assertTrue(Session::write('foo', 'bar', $config)); $this->assertEqual('bar', Session::read('foo', $config)); $this->assertTrue(Session::write('foo', 'bar1', $config)); $this->assertEqual('bar1', Session::read('foo', $config)); Session::clear($config); $this->assertTrue(Session::write($key, $value, $config)); $this->assertEqual($value, Session::read($key, $config)); }
<?php /** * Lithium: the most rad php framework * * @copyright Copyright 2010, Union of RAD (http://union-of-rad.org) * @license http://opensource.org/licenses/bsd-license.php The BSD License */ /** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. */ use lithium\storage\Session; Session::config(array('cookie' => array('adapter' => 'Cookie'), 'default' => array('adapter' => 'Php'))); /** * Uncomment this to enable forms-based authentication. The configuration below will attempt to * authenticate users against a `User` model. In a controller, run * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of * the configuration below. If successful, it will write the data returned from `User::first()` to * the session using the default session configuration. Once the session data is written, you can * call `Auth::check('default')` to check authentication status or retrieve the user's data from the * session. Call `Auth::clear('default')` to remove the user's authentication details from the * session. This effectively logs a user out of the system. To modify the form input that the * adapter accepts, or how the configured model is queried, or how the data is stored in the * session, see the `Form` adapter API or the `Auth` API, respectively. * * @see lithium\security\auth\adapter\Form * @see lithium\action\Request::$data * @see lithium\security\Auth */
/** * Lithium: the most rad php framework * * @copyright Copyright 2012, Union of RAD (http://union-of-rad.org) * @license http://opensource.org/licenses/bsd-license.php The BSD License */ /** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. * The default name is based on the lithium app path. Remember, if your app is numeric or has * special characters you might want to use Inflector::slug() or set this manually. */ use lithium\storage\Session; $name = basename(LITHIUM_APP_PATH); Session::config(array('cookie' => array('adapter' => 'Cookie', 'name' => $name), 'default' => array('adapter' => 'Php', 'session.name' => $name))); /** * Uncomment the lines below to enable forms-based authentication. This configuration will attempt * to authenticate users against a `Users` model. In a controller, run * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of * the configuration below. If successful, it will write the data returned from `Users::first()` to * the session using the default session configuration. * * Once the session data is written, you can call `Auth::check('default')` to check authentication * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the * user's authentication details from the session. This effectively logs a user out of the system. * To modify the form input that the adapter accepts, or how the configured model is queried, or how * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively. * * @see lithium\security\auth\adapter\Form
public function setUp() { Session::config(array('test' => array('adapter' => 'Memory'))); Auth::config(array('test' => array('adapter' => '\\lithium\\tests\\mocks\\security\\auth\\adapter\\MockAuthAdapter'))); }
<?php /** * Lithium: the most rad php framework * * @copyright Copyright 2010, Union of RAD (http://union-of-rad.org) * @license http://opensource.org/licenses/bsd-license.php The BSD License */ namespace lithium\tests\integration\storage; use lithium\storage\Session; Session::config(array('test' => array('name' => 'test', 'adapter' => 'Php', 'cookie_lifetime' => 0))); class SessionPhpTest extends \lithium\test\Unit { public function testWriteReadDelete() { $key = 'test'; $value = 'value'; Session::write($key, $value, array('name' => 'test')); $result = Session::read($key, array('name' => 'test')); $this->assertEqual($value, $result); $this->assertTrue(Session::delete($key, array('name' => 'test'))); $result = Session::read($key, array('name' => 'test')); $this->assertNull($result); } }
<?php /** * Lithium: the most rad php framework * * @copyright Copyright 2010, Union of RAD (http://union-of-rad.org) * @license http://opensource.org/licenses/bsd-license.php The BSD License */ /** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. */ use lithium\storage\Session; Session::config(array('cookie' => array('adapter' => 'Cookie'))); /** * Uncomment this to enable forms-based authentication. The configuration below will attempt to * authenticate users against a `User` model. In a controller, run * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of * the configuration below. If successful, it will write the data returned from `User::first()` to * the session using the default session configuration. Once the session data is written, you can * call `Auth::check('default')` to check authentication status or retrieve the user's data from the * session. Call `Auth::clear('default')` to remove the user's authentication details from the * session. This effectively logs a user out of the system. To modify the form input that the * adapter accepts, or how the configured model is queried, or how the data is stored in the * session, see the `Form` adapter API or the `Auth` API, respectively. * * @see lithium\security\auth\adapter\Form * @see lithium\action\Request::$data * @see lithium\security\Auth */
public function testStrategies() { Session::config(array('primary' => array('adapter' => new Memory(), 'filters' => array(), 'strategies' => array('lithium\\storage\\cache\\strategy\\Json')))); Session::write('test', array('foo' => 'bar')); $this->assertEqual(array('foo' => 'bar'), Session::read('test')); $this->assertTrue(Session::check('test')); $this->assertTrue(Session::check('test', array('strategies' => false))); $result = Session::read('test', array('strategies' => false)); $this->assertEqual('{"foo":"bar"}', $result); $result = Session::clear(array('strategies' => false)); $this->assertNull(Session::read('test')); $this->assertFalse(Session::check('test')); $this->assertFalse(Session::check('test', array('strategies' => false))); }
public function testConfigNoAdapters() { Session::config(array('conditional' => array('adapter' => new SessionStorageConditional()))); $this->assertTrue(Session::write('key', 'value')); $this->assertEqual(Session::read('key'), 'value'); $this->assertFalse(Session::read('key', array('fail' => true))); }
public function testHmacStrategy() { $key = 'test'; $value = 'value'; $name = 'hmac_test'; Session::config(array('default' => array('adapter' => 'Cookie', 'strategies' => array('Hmac' => array('secret' => 'somesecretkey')), 'name' => $name))); $cache = $_COOKIE; $_COOKIE[$name]['injectedkey'] = 'hax0r'; $this->expectException('/Possible data tampering - HMAC signature does not match data./'); $result = Session::read($key, array('name' => 'hmac')); $_COOKIE = $cache; }
public function testEncryptedStrategy() { $this->skipIf(!MockEncrypt::enabled(), 'The Mcrypt extension is not installed or enabled.'); $key = 'foobar'; $adapter = new Memory(); Session::config(array('primary' => array('adapter' => $adapter, 'filters' => array(), 'strategies' => array('lithium\\tests\\mocks\\storage\\session\\strategy\\MockEncrypt' => array('secret' => $key))))); $value = array('foo' => 'bar'); Session::write('test', $value); $this->assertEqual(array('foo' => 'bar'), Session::read('test')); $this->assertTrue(Session::check('test')); $this->assertTrue(Session::check('test', array('strategies' => false))); $encrypted = Session::read('test', array('strategies' => false)); $this->assertNotEqual($value, $encrypted); $this->assertTrue(is_string($encrypted)); $result = Session::read('test'); $this->assertEqual($value, $result); $result = Session::clear(array('strategies' => false)); $this->assertNull(Session::read('test')); $this->assertFalse(Session::check('test')); $this->assertFalse(Session::check('test', array('strategies' => false))); $savedData = array('test' => $value); $encrypt = new MockEncrypt(array('secret' => $key)); $result = $encrypt->encrypt($savedData); $this->assertEqual($encrypted, $result); $result = $encrypt->decrypt($encrypted); $this->assertEqual($savedData, $result); }
/** * Lithium: the most rad php framework * * @copyright Copyright 2011, Union of RAD (http://union-of-rad.org) * @license http://opensource.org/licenses/bsd-license.php The BSD License */ /** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. */ use lithium\storage\Session; use lithium\security\Auth; use lithium\core\Libraries; $name = basename(LITHIUM_APP_PATH); Session::config(array('default' => array('adapter' => 'Php', 'session.name' => 'PHPSESSID', 'session.save_handler' => 'memcached', 'session.save_path' => 'localhost:11211'))); /** * Uncomment the lines below to enable forms-based authentication. This configuration will attempt * to authenticate users against a `Users` model. In a controller, run * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of * the configuration below. If successful, it will write the data returned from `Users::first()` to * the session using the default session configuration. * * Once the session data is written, you can call `Auth::check('default')` to check authentication * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the * user's authentication details from the session. This effectively logs a user out of the system. * To modify the form input that the adapter accepts, or how the configured model is queried, or how * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively. * * @see lithium\security\auth\adapter\Form
public function testStrategiesPhpAdapter() { Session::config(array('strategy' => array('adapter' => 'Php', 'strategies' => array('Hmac' => array('secret' => 'somesecretkey'))))); $key = 'test'; $value = 'value'; Session::write($key, $value, array('name' => 'strategy')); $result = Session::read($key, array('name' => 'strategy')); $this->assertEqual($value, $result); $this->assertTrue(Session::delete($key, array('name' => 'strategy'))); $result = Session::read($key, array('name' => 'strategy')); $this->assertNull($result); Session::write($key, $value, array('name' => 'strategy')); $result = Session::read($key, array('name' => 'strategy')); $this->assertEqual($value, $result); $cache = $_SESSION; $_SESSION['injectedkey'] = 'hax0r'; $this->expectException('/Possible data tampering - HMAC signature does not match data./'); $result = Session::read($key, array('name' => 'strategy')); $_SESSION = $cache; }
public function testEncryptStrategyWithPhpAdapter() { $this->skipIf(PHP_SAPI === 'cli', 'No PHP session support in cli SAPI.'); $this->skipIf(!extension_loaded('mcrypt'), 'The `mcrypt` extension is not loaded.'); $config = array('name' => 'encryptInt'); Session::config(array($config['name'] => array('adapter' => 'Php', 'strategies' => array('Encrypt' => array('secret' => 's3cr3t'))))); Session::clear($config); $key = 'test'; $value = 'value'; $this->assertTrue(Session::write($key, $value, $config)); $this->assertEqual($value, Session::read($key, $config)); $this->assertTrue(Session::delete($key, $config)); $this->assertNull(Session::read($key, $config)); Session::clear($config); $this->assertTrue(Session::write('foo', 'bar', $config)); $this->assertEqual('bar', Session::read('foo', $config)); $this->assertTrue(Session::write('foo', 'bar1', $config)); $this->assertEqual('bar1', Session::read('foo', $config)); Session::clear($config); $this->assertTrue(Session::write($key, $value, $config)); $this->assertEqual($value, Session::read($key, $config)); }
* This file contains configurations for connecting to external caching resources, as well as * default caching rules for various systems within your application */ require __DIR__ . '/bootstrap/cache.php'; /** * This file contains your application's globalization rules, including inflections, * transliterations, localized validation, and how localized text should be loaded. Uncomment this * line if you plan to globalize your site. */ // require __DIR__ . '/bootstrap/g11n.php'; /** * This file contains configurations for handling different content types within the framework, * including converting data to and from different formats, and handling static media assets. */ // require __DIR__ . '/bootstrap/media.php'; /** * This file configures console filters and settings, specifically output behavior and coloring. */ // require __DIR__ . '/bootstrap/console.php'; /** * This file contains filters for the test suite to bypass having a controller and render test * templates directly through the test dispatcher. */ require __DIR__ . '/bootstrap/test.php'; /** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. */ use lithium\storage\Session; Session::config(array('cookie' => array('adapter' => 'Cookie', 'expire' => '+2 days'), 'default' => array('adapter' => 'Php')));
public function setUp() { Session::config(array('default' => array('adapter' => '\\lithium\\tests\\mocks\\storage\\session\\adapter\\MockPhp'))); }
<?php /** * Lithium: the most rad php framework * * @copyright Copyright 2010, Union of RAD (http://union-of-rad.org) * @license http://opensource.org/licenses/bsd-license.php The BSD License */ /** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. */ use lithium\storage\Session; Session::config(array( 'default' => array('adapter' => 'Php') )); /** * Uncomment the lines below to enable forms-based authentication. This configuration will attempt * to authenticate users against a `Users` model. In a controller, run * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of * the configuration below. If successful, it will write the data returned from `Users::first()` to * the session using the default session configuration. * * Once the session data is written, you can call `Auth::check('default')` to check authentication * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the * user's authentication details from the session. This effectively logs a user out of the system. * To modify the form input that the adapter accepts, or how the configured model is queried, or how * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively.
/** * Lithium: the most rad php framework * * @copyright Copyright 2013, Union of RAD (http://union-of-rad.org) * @license http://opensource.org/licenses/bsd-license.php The BSD License */ /** * This configures your session storage. The Cookie storage adapter must be connected first, since * it intercepts any writes where the `'expires'` key is set in the options array. * The default name is based on the lithium app path. Remember, if your app is numeric or has * special characters you might want to use Inflector::slug() or set this manually. */ use lithium\storage\Session; use lithium\security\Auth; $name = basename(LITHIUM_APP_PATH); Session::config(array('default' => array('adapter' => 'Php', 'session.name' => $name))); Auth::config(array('member' => array('adapter' => 'Form', 'model' => 'Users', 'fields' => array('username', 'password'), 'filters' => array('password' => array('lithium\\util\\String', 'hash')), 'validators' => array('password' => false)))); /** * Uncomment the lines below to enable forms-based authentication. This configuration will attempt * to authenticate users against a `Users` model. In a controller, run * `Auth::check('default', $this->request)` to authenticate a user. This will check the POST data of * the request (`lithium\action\Request::$data`) to see if the fields match the `'fields'` key of * the configuration below. If successful, it will write the data returned from `Users::first()` to * the session using the default session configuration. * * Once the session data is written, you can call `Auth::check('default')` to check authentication * status or retrieve the user's data from the session. Call `Auth::clear('default')` to remove the * user's authentication details from the session. This effectively logs a user out of the system. * To modify the form input that the adapter accepts, or how the configured model is queried, or how * the data is stored in the session, see the `Form` adapter API or the `Auth` API, respectively. *
public function setUp() { Session::config(array('test' => array('adapter' => 'Memory'))); Auth::config(array('test' => array('adapter' => $this->_classes['mockAuthAdapter']))); }
<?php use lithium\action\Dispatcher; use lithium\storage\Session; /** * Set the token header in the response. */ Dispatcher::applyFilter('run', function ($self, $params, $chain) { $response = $chain->next($self, $params, $chain); $configs = Session::config(); foreach ($configs as $name => $config) { if ($config['adapter'] == 'Token') { $header = $config['header']; break; } } if (isset($header)) { $response->headers($header, Session::key($name)); } return $response; });