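/**
 * getReset() called with a token that matches a stored reset request should
 * hand back a ViewSpec array carrying that same token, not a redirect.
 */
public function testGetResetWithAValidTokenDisplaysAFilledInPasswordResetForm()
{
    // Fixed token value constructed for this test only.
    $token = '4447744';

    // Generate a password reset request and confirm the token matches it
    // before the controller is involved at all.
    PasswordResetRequest::generate($this->account, $token);
    $matched_req = PasswordResetRequest::match($token);
    $this->assertNotEmpty($matched_req);

    // Symfony Request with the token placed in the query string.
    $request = Request::create('/resetpassword.php');
    $request->setMethod('POST');
    $request->query->set('token', $token);

    $controller = new PasswordController();
    $response = $controller->getReset($request);

    // A redirect is treated as a failure here; include the target url in the
    // message so the failing path is visible in the test output.
    $redirected = $response instanceof RedirectResponse;
    $this->assertFalse(
        $redirected,
        'Redirection to the url [' . ($redirected ? $response->getTargetUrl() : null) . '] was the invalid result of password reset.'
    );
    $this->assertTrue(is_array($response), 'Response was not a ViewSpec Array');
    $this->assertNotEmpty($response['parts']);

    // Expected value first, actual second, so a failure reports the two
    // values under the right labels.
    $this->assertEquals($token, $response['parts']['token']);
}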
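/**
 * Reset the given user's password.
 *
 * Reads `token`, `new_password` and `password_confirmation` from the current
 * request. Each failed check re-renders the form through renderError(); only
 * when all checks pass is the password of the account tied to the token reset.
 *
 * @return Response A redirect to /password/ on success, otherwise the result of renderError()
 */
public function postReset(Container $p_dependencies)
{
    $request = RequestWrapper::$request;

    // NOTE(review): if this is a Symfony Request, get() also reads the query
    // string, so new_password could arrive in a URL and end up in access
    // logs. Confirm the form only ever submits it in the POST body.
    $rawToken = $request->get('token');
    $newPassword = $request->get('new_password');
    $passwordConfirmation = $request->get('password_confirmation');

    // Request parameters are attacker-controlled and may be arrays
    // (e.g. token[]=x). Treat a non-scalar token as missing so it is never
    // passed on to match() or echoed back through renderError().
    $token = is_scalar($rawToken) ? $rawToken : null;

    if ($passwordConfirmation === null || $passwordConfirmation !== $newPassword) {
        return $this->renderError('Password Confirmation did not match.', $token);
    }

    if (!$token) {
        return $this->renderError('No Valid Token to allow for password reset! Try again.', $token);
    }

    // The token must resolve to a stored reset request with a real account.
    // NOTE(review): $token is handed back to renderError() on every failure
    // path - confirm the view escapes it before output.
    $req = PasswordResetRequest::match($token);
    $account = $req instanceof PasswordResetRequest ? $req->account() : null;
    if (!$account || !$account->id()) {
        return $this->renderError('Token was invalid or expired! Please reset again.', $token);
    }

    // Equality with the confirmation was already established above, so only
    // type and length remain. The is_string() guard stops an array-valued
    // new_password (identical in both fields) from reaching trim(), which
    // throws a TypeError on PHP 8.
    // NOTE(review): a 4-byte minimum is very weak for an account password, and
    // strlen() counts bytes rather than characters. Check the project's
    // password policy (and any tests pinned to this limit) before raising it.
    if (!is_string($newPassword) || strlen(trim($newPassword)) < 4) {
        return $this->renderError('Password not long enough or does not match password confirmation!', $token);
    }

    PasswordResetRequest::reset($account, $newPassword);

    return new RedirectResponse('/password/?message=' . rawurlencode('Password reset!'));
}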
/**
 * A reset request is single-use: once a reset has been performed for the
 * account, the nonce of the previously generated request must no longer match.
 */
public function testPerformingAResetInvalidatesUsedRequest()
{
    $account = AccountFactory::findById(TestAccountCreateAndDestroy::account_id());

    // Fixed nonce constructed for this test; kept on the test case as well.
    $nonce = '77warkwark';
    $this->nonce = $nonce;

    PasswordResetRequest::generate($account, $nonce, false);
    PasswordResetRequest::reset($account, 'new_pass34532');

    // Request shouldn't match because it should already be used; a token that
    // still matched after the reset could be replayed.
    $matched = PasswordResetRequest::match($this->nonce);
    $this->assertEmpty($matched);
}
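/**
 * getReset() called with a token that matches a stored reset request should
 * return a StreamedViewResponse whose view data carries that same token,
 * not a redirect.
 */
public function testGetResetWithAValidTokenDisplaysAFilledInPasswordResetForm()
{
    // Fixed token value constructed for this test; also kept on the test case.
    $token = $this->nonce = '4447744';

    // Generate a password reset request and confirm the token matches it
    // before the controller is involved at all.
    PasswordResetRequest::generate($this->account, $token);
    $matched_req = PasswordResetRequest::match($token);
    $this->assertNotEmpty($matched_req);

    // Symfony Request with the token in the query string, injected so the
    // controller picks it up through RequestWrapper.
    $request = Request::create('/password/get_reset/');
    $request->setMethod('POST');
    $request->query->set('token', $token);
    RequestWrapper::inject($request);

    $controller = new PasswordController();
    $response = $controller->getReset($this->m_dependencies);

    // A redirect is treated as a failure here; include the target url in the
    // message so the failing path is visible in the test output.
    $redirected = $response instanceof RedirectResponse;
    $this->assertFalse(
        $redirected,
        'Redirection to the url [' . ($redirected ? $response->getTargetUrl() : null) . '] was the invalid result of password reset.'
    );
    $this->assertInstanceOf(StreamedViewResponse::class, $response, 'Response was not a StreamedViewResponse');

    // The view data is read through reflection on the 'data' property
    // (presumably non-public, given the setAccessible() call).
    $reflection = new \ReflectionProperty(get_class($response), 'data');
    $reflection->setAccessible(true);
    $response_data = $reflection->getValue($response);
    $this->assertNotEmpty($response_data);

    // Expected value first, actual second, so a failure reports the two
    // values under the right labels.
    $this->assertEquals($token, $response_data['token']);
}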