public function setUp()
{
parent::setUp();
$this->account_id = TestAccountCreateAndDestroy::account_id();
$this->account = Account::findById($this->account_id);
$this->nonce = Crypto::nonce();
}
public function testFindAccountByNonexistentId()
{
$account = Account::findById(-120);
$this->assertNull($account);
}
/**
* Get the account in a reliable manner.
*/
public function account()
{
assert($this->_account_id);
return Account::findById($this->_account_id);
}
/**
* @return StreamedViewResponse
*/
private function render($p_parts)
{
$account = Account::findById(SessionFactory::getSession()->get('account_id'));
$player = Player::find(SessionFactory::getSession()->get('player_id'));
$ninjas = $account->getCharacters();
$parts = ['gravatar_url' => $player->avatarUrl(), 'player' => $player->data(), 'account' => $account, 'oauth_provider' => $account ? $account->oauth_provider : '', 'oauth' => $account ? $account->oauth_provider && $account->oauth_id : '', 'ninjas' => $ninjas, 'successMessage' => false, 'error' => false, 'command' => '', 'delete_attempts' => 0];
return new StreamedViewResponse('Your Account', 'account.tpl', array_merge($parts, $p_parts), ['quickstat' => 'player']);
}
/**
* Login the user and delegate the setup if login is valid.
*
* @return array
*/
private function loginUser($dirty_user, $p_pass)
{
$success = false;
$login_error = 'That password/username combination was incorrect.';
// Just checks whether the username and password are correct.
$data = $this->authenticate($dirty_user, $p_pass);
if (!empty($data)) {
if ((bool) $data['authenticated'] && (bool) $data['operational']) {
if ((bool) $data['confirmed']) {
$this->createGameSession(Account::findById($data['account_id']), Player::find($data['player_id']));
// Block by ip list here, if necessary.
// *** Set return values ***
$success = true;
$login_error = null;
} else {
// *** Account was not activated yet ***
$success = false;
$login_error = "You must confirm your account before logging in, check your email. <a href='/assistance'>You can request another confirmation email here.</a>";
}
}
// The LOGIN FAILURE case occurs here, and is the default.
$account = Account::findByLogin($dirty_user);
if ($account) {
Account::updateLastLoginFailure($account);
}
}
// *** Return array of return values ***
return ['success' => $success, 'login_error' => $login_error];
}
public function testLoginShouldFailOnBlanks()
{
$account = Account::findById(TestAccountCreateAndDestroy::account_id());
$this->assertInstanceOf(Account::class, $account);
$account->confirmed = 0;
$account->save();
$request = new Request([], ['user' => '', 'pass' => '']);
// TestAccountCreateAndDestroy::$test_password
RequestWrapper::inject($request);
$controller = new LoginController();
$res = $controller->requestLogin($this->m_dependencies);
$this->assertInstanceOf(RedirectResponse::class, $res);
$this->assertTrue(stripos($res->getTargetUrl(), 'error') !== false);
}
public function testPerformingAResetInvalidatesUsedRequest()
{
$account_id = TestAccountCreateAndDestroy::account_id();
$account = Account::findById($account_id);
PasswordResetRequest::generate($account, $this->nonce = '77warkwark', false);
PasswordResetRequest::reset($account, 'new_pass34532');
$req = PasswordResetRequest::match($this->nonce);
$this->assertEmpty($req);
// Request shouldn't match because it should already be used.
}
