Merge pull request #9 from nojimage/develop
Work with EncryptedCookieMiddleware #8
nojimage authored Aug 2, 2018
2 parents e0286a8 + eb1da33 commit 3609c43
Showing 2 changed files with 39 additions and 4 deletions.
4 changes: 2 additions & 2 deletions src/Auth/CookieAuthenticate.php
Expand Up @@ -156,7 +156,7 @@ protected function setCookie(Response $response, $cookie)
*/
public function decodeCookie($cookie)
{
return json_decode(Security::decrypt($cookie, Security::getSalt()), true);
return json_decode(Security::decrypt(base64_decode($cookie), Security::getSalt()), true);
}

/**
Expand All @@ -169,7 +169,7 @@ public function decodeCookie($cookie)
*/
public function encryptToken($username, $series, $token)
{
return Security::encrypt(json_encode(compact('username', 'series', 'token')), Security::getSalt());
return base64_encode(Security::encrypt(json_encode(compact('username', 'series', 'token')), Security::getSalt()));
}

/**
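Review bot: In `decodeCookie` the cookie value comes from the client and now goes through non-strict `base64_decode`, which silently discards characters outside the alphabet and can pass an empty string on to `Security::decrypt`; as far as I know that method throws on empty input, so a malformed cookie may surface as an uncaught exception instead of a failed login (the callers are not visible here, so confirm). Decode strictly and stop before decrypting: `$raw = base64_decode((string)$cookie, true);` followed by `if ($raw === false || $raw === '') { return null; }`, which keeps the null result that `json_decode` already produces for undecodable input. The wire format also changes on both sides (`encryptToken` and `decodeCookie`), so remember-me cookies issued before this commit will presumably stop decoding; a docblock line such as `Cookie value is base64 of the encrypted JSON payload` and a changelog entry would make that explicit.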
39 changes: 37 additions & 2 deletions tests/TestCase/Auth/CookieAuthenticateTest.php
Expand Up @@ -286,7 +286,7 @@ public function testDecodeCookie()
public function testOnAfterIdentify()
{
// -- prepare
FrozenTime::setTestNow('2017-08-01 12:23:34');
FrozenTime::setTestNow('2017-09-03 12:23:34');
$user = ['id' => 1, 'username' => 'foo'];
$request = (new ServerRequest)->withData('remember_me', true);
$response = (new Response());
Expand Down Expand Up @@ -322,7 +322,7 @@ public function testOnAfterIdentify()

$this->assertSame($decode['series'], $tokens->first()->series);
$this->assertSame($decode['token'], $tokens->first()->token);
$this->assertTrue($tokens->first()->expires->eq(new FrozenTime('2017-08-31 12:23:34')), 'default expires is 30days after');
$this->assertTrue($tokens->first()->expires->eq(new FrozenTime('2017-10-03 12:23:34')), 'default expires is 30days after');
}

/**
Expand Down Expand Up @@ -433,4 +433,39 @@ public function testOnLogout()
])->all();
$this->assertCount(1, $tokens, 'drop token');
}

/**
* test with EncryptedCookieMiddleware
*/
public function testWorkWithEncryptedCookieMiddleware()
{
if (!class_exists('\Cake\Http\Middleware\EncryptedCookieMiddleware')) {
$this->markTestSkipped();

return;
}

$middleware = new \Cake\Http\Middleware\EncryptedCookieMiddleware(['rememberMe'], str_repeat('1234abcd', 4));
$request = new ServerRequest();
$response = new Response();

$encoded = $this->auth->encryptToken('foo', 'series_foo_1', '123456');

$response = $response->withCookie('rememberMe', ['value' => $encoded]);
$response = $middleware($request, $response, function ($request, $response) {
return $response;
});

$request = $request->withCookieCollection($response->getCookieCollection());
$decryptRequest = null;
/* @var $decryptRequest ServerRequest */
$middleware($request, $response, function ($request, $response) use (&$decryptRequest) {
$decryptRequest = $request;

return $response;
});

$result = $this->auth->decodeCookie($decryptRequest->getCookie('rememberMe'));
$this->assertSame(['username' => 'foo', 'series' => 'series_foo_1', 'token' => '123456'], $result);
}
}
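Review bot: `testWorkWithEncryptedCookieMiddleware` covers only the successful round trip; nothing in this file section pins how `decodeCookie` behaves when the `rememberMe` value is malformed or has been altered, which is the case that matters for a client-supplied cookie. Add a negative case next to it, for example `$this->assertNull($this->auth->decodeCookie(base64_encode('tampered')));` (the expected value assumes decryption rejects the payload and `json_decode` then yields null; adjust it if the method is changed to throw). As a minor style point, the `return;` after `$this->markTestSkipped();` should be unreachable, since PHPUnit signals a skip by throwing.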
