/**
 * Walks a single SessionAPILoginController instance through a sequence of API login
 * requests and checks the redirect destination recorded after each call to go().
 *
 * Every scenario replaces $_GET wholesale before calling go(); the controller object
 * itself is reused across all scenarios, in the order listed.
 *
 * NOTE(review): the email literals are identical (masked) in this listing, so the
 * "does not exist" / "not activated" / "no API key" cases presumably rely on distinct
 * fixture users defined outside this method -- verify against the test's fixture data.
 *
 * NOTE(review): the expectations below pin three security-relevant behaviours that are
 * worth confirming against the controller itself:
 *  - success_redir / failure_redir come back as the destination, including absolute URLs
 *    on another host; no scenario covers a redirect target being rejected.
 *  - the API key is supplied in the query string (`k`), where it can end up in access
 *    logs, browser history and Referer headers.
 *  - unknown email, inactive account and wrong key yield different messages, so the
 *    response distinguishes account states.
 */
public function testVariousInteractions()
{
    // Constructed with `true`; what the flag means is not visible here -- TODO confirm.
    $controller = new SessionAPILoginController(true);

    // Each entry: array(request parameters placed in $_GET, expected redirect destination).
    // The array keys are labels for the reader only.
    $scenarios = array(
        'user email set but not API key' => array(
            array('success_redir' => 'success', 'failure_redir' => 'failure', 'u' => '*****@*****.**'),
            'failure?msg=API+key+must+not+be+empty.',
        ),
        // The message is appended with & when the failure URL already has a query string.
        'user email set but not API key, failure URL with ? in it' => array(
            array(
                'success_redir' => 'success',
                'failure_redir' => 'http://example.com/failure?yes=yes',
                'u' => '*****@*****.**',
            ),
            'http://example.com/failure?yes=yes&msg=API+key+must+not+be+empty.',
        ),
        'API key set but not user email' => array(
            array('success_redir' => 'success', 'failure_redir' => 'failure', 'k' => 'apikeyyo'),
            'failure?msg=Email+must+not+be+empty.',
        ),
        'user does not exist' => array(
            array(
                'success_redir' => 'success',
                'failure_redir' => 'failure',
                'u' => '*****@*****.**',
                'k' => 'apikeyyo',
            ),
            'failure?msg=Invalid+email.',
        ),
        'user is not activated' => array(
            array(
                'success_redir' => 'success',
                'failure_redir' => 'failure',
                'u' => '*****@*****.**',
                'k' => 'apikeyyo',
            ),
            'failure?msg=Inactive+account.',
        ),
        'user exists but has no private API key set' => array(
            array(
                'success_redir' => 'success',
                'failure_redir' => 'failure',
                'u' => '*****@*****.**',
                'k' => 'apikeyyo',
            ),
            'failure?msg=Invalid+API+key.',
        ),
        // Same message as the missing-key case above.
        'user exists and has API key but it is incorrect' => array(
            array(
                'success_redir' => 'success',
                'failure_redir' => 'failure',
                'u' => '*****@*****.**',
                'k' => 'aasdasdfafabbccdd',
            ),
            'failure?msg=Invalid+API+key.',
        ),
        'user 1 is logged in and user 2 attempts login' => array(
            array(
                'success_redir' => 'success',
                'failure_redir' => 'failure',
                'u' => '*****@*****.**',
                'k' => 'yayaya',
            ),
            'success',
        ),
        // The success URL is expected back unchanged, query string included.
        'successful login, success redirect with ? in it' => array(
            array(
                'success_redir' => 'https://thinkup.com/admin/user/success.php?answer=yes&comment=indeed',
                'failure_redir' => 'failure',
                'u' => '*****@*****.**',
                'k' => 'yayaya',
            ),
            'https://thinkup.com/admin/user/success.php?answer=yes&comment=indeed',
        ),
    );

    foreach ($scenarios as $scenario) {
        list($request_parameters, $expected_destination) = $scenario;
        $_GET = $request_parameters;
        // Only the destination recorded on the controller is inspected, not go()'s return value.
        $controller->go();
        $this->assertEqual($controller->redirect_destination, $expected_destination);
    }
}
<?php

/**
 *
 * ThinkUp/webapp/api/v1/session/login.php
 *
 * Copyright (c) 2013 Gina Trapani
 *
 * LICENSE:
 *
 * This file is part of ThinkUp (http://thinkup.com).
 *
 * ThinkUp is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any
 * later version.
 *
 * ThinkUp is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
 * details.
 *
 * You should have received a copy of the GNU General Public License along with ThinkUp.  If not, see
 * <http://www.gnu.org/licenses/>.
 *
 * @license http://www.gnu.org/licenses/gpl.html
 * @copyright 2013 Gina Trapani
 */
// Entry point for the session login API: bootstrap the application, then hand the request
// to SessionAPILoginController and write out whatever go() returns.

// Move three directory levels up from the current working directory so the relative
// require below can find init.php. The result of chdir() is not checked; if it fails,
// the require is resolved from the unchanged working directory / include_path instead.
chdir("../../../");
require_once 'init.php';
// NOTE(review): the controller's test drives it through $_GET (u, k, success_redir,
// failure_redir). Because the API key arrives in the query string, confirm that this
// endpoint is served over HTTPS only and that access logs do not retain `k`; also confirm
// how the controller restricts the redirect targets it accepts.
$controller = new SessionAPILoginController();
// The return value of go() is echoed as the response output.
echo $controller->go();