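/**
 * Expects UnauthorizedException when GET admin/session is requested after
 * logging in as the user returned by createUser(1).
 *
 * NOTE(review): presumably createUser(1) yields a non-admin account; confirm
 * against the fixture.
 */
public function testUnauthorizedSessionRequest()
{
    $user = $this->createUser(1);

    // Check the login precondition explicitly. If authentication silently
    // failed, the expected exception could be raised for a request that has
    // no session at all, and the test would pass without exercising the
    // authorization check it is named for.
    $loggedIn = Session::authenticate(['email' => $user['email'], 'password' => $this->user1['password']]);
    $this->assertTrue((bool)$loggedIn, 'Precondition failed: test user could not log in.');

    // Using a new instance here. Prev instance is set for user resource.
    $this->service = ServiceHandler::getService('system');

    $this->setExpectedException('\\DreamFactory\\Core\\Exceptions\\UnauthorizedException');
    $this->makeRequest(Verbs::GET, 'admin/session');
}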
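/**
 * Creates the user1 fixture through the API, logs in as that user and expects
 * UnauthorizedException when the session endpoint of static::RESOURCE is
 * requested through the system service.
 */
public function testUnauthorizedSessionRequest()
{
    $user = $this->user1;
    $this->makeRequest(
        Verbs::POST,
        'user',
        [ApiOptions::FIELDS => '*', ApiOptions::RELATED => 'user_lookup_by_user_id'],
        [$user]
    );

    // Check the login precondition explicitly. If the user was not created or
    // the login was rejected, the expected exception could come from a request
    // with no session at all, and the test would pass vacuously.
    $loggedIn = Session::authenticate(['email' => $user['email'], 'password' => $user['password']]);
    $this->assertTrue((bool)$loggedIn, 'Precondition failed: test user could not log in.');

    // Using a new instance here. Prev instance is set for user resource.
    $this->service = ServiceHandler::getService('system');

    $this->setExpectedException('\\DreamFactory\\Core\\Exceptions\\UnauthorizedException');
    $this->makeRequest(Verbs::GET, static::RESOURCE . '/session');
}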
/**
 * Sends a PATCH for an existing user with the password field set to '1234'
 * and asserts that a login with that password is refused afterwards.
 *
 * NOTE(review): presumably PATCH on this resource is meant to ignore password
 * changes; confirm, since the assertion would also hold if the login failed
 * for an unrelated reason.
 */
public function testPATCHPassword()
{
    $account = $this->createUser(1);
    Arr::set($account, 'password', '1234');

    $response = $this->makeRequest(
        Verbs::PATCH,
        static::RESOURCE . '/' . $account['id'],
        [],
        json_encode($account, JSON_UNESCAPED_SLASHES)
    );
    $body = $response->getContent();

    // The password carried in the PATCH payload must not be usable for login.
    $loggedIn = Session::authenticate(['email' => $account['email'], 'password' => '1234']);
    $this->assertFalse($loggedIn);

    $this->assertTrue($this->adminCheck([$body]));
}
/**
 * Validates a login request, authenticates it and returns the public session info.
 *
 * @param array $credentials Must carry non-empty 'email' and 'password' entries.
 * @param bool  $remember    Forwarded unchanged to Session::authenticate().
 *
 * @return array Result of Session::getPublicInfo().
 * @throws BadRequestException   When 'email' or 'password' is missing or empty.
 * @throws NotFoundException
 * @throws UnauthorizedException When Session::authenticate() does not succeed.
 * @throws \Exception
 */
protected function handleLogin(array $credentials = [], $remember = false)
{
    // NOTE(review): empty() also treats the string "0" as missing.
    $login = ArrayUtils::get($credentials, 'email');
    if (empty($login)) {
        throw new BadRequestException('Login request is missing required email.');
    }

    $secret = ArrayUtils::get($credentials, 'password');
    if (empty($secret)) {
        throw new BadRequestException('Login request is missing required password.');
    }

    // Only active accounts may log in; this overrides any caller-supplied value.
    // NOTE(review): every other key the caller put in $credentials is forwarded
    // to Session::authenticate() as-is; confirm callers pass only vetted fields.
    $credentials['is_active'] = 1;

    // if user management not available then only system admins can login.
    $userManagementAvailable = class_exists('\\DreamFactory\\Core\\User\\Resources\\System\\User');
    if (!$userManagementAvailable) {
        $credentials['is_sys_admin'] = 1;
    }

    $authenticated = Session::authenticate($credentials, $remember, true, static::getAppId());
    if (!$authenticated) {
        // One generic message, so the response does not say which field was wrong.
        throw new UnauthorizedException('Invalid credentials supplied.');
    }

    return Session::getPublicInfo();
}
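/**
 * Logs the user in with the given email and password.
 *
 * @param $email
 * @param $password
 *
 * @return bool True when Session::authenticate() reports success, false when
 *              it rejects the credentials without throwing.
 * @throws InternalServerErrorException When Session::authenticate() throws.
 */
protected static function userLogin($email, $password)
{
    try {
        $authenticated = Session::authenticate(['email' => $email, 'password' => $password]);
    } catch (\Exception $ex) {
        // NOTE(review): the underlying exception message is appended to the
        // error text; confirm it cannot carry internal details to the client.
        throw new InternalServerErrorException("Password set, but failed to login.\n{$ex->getMessage()}");
    }

    // Report the real outcome. Session::authenticate() signals rejected
    // credentials with a falsy return value rather than an exception, so an
    // unconditional `true` would tell callers a login happened when it did not.
    return (bool)$authenticated;
}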