tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-26 06:29:24 +02:00
Code Issues Projects Releases Wiki Activity

fix: remove login marker cookie on logout

Browse Source 
Apply suggestions from code review

Co-authored-by: Michal Kleiner <mk@011.nz>
This commit is contained in:
Florian Thoma 2021-07-13 11:45:48 +10:00
parent 08028d3969
commit 31668e8acf
3 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Security/MemberAuthenticator/SessionAuthenticationHandler.php
View File

@ -113,5 +113,9 @@ class SessionAuthenticationHandler implements AuthenticationHandler
{
$request = $request ?: Controller::curr()->getRequest();
$request->getSession()->destroy(true, $request);
if (Member::config()->get('login_marker_cookie')) {
Cookie::force_expiry(Member::config()->get('login_marker_cookie'));
}
}
}

20
tests/php/Security/MemberAuthenticator/SessionAuthenticationHandlerTest.php
View File

@ -4,13 +4,15 @@ namespace SilverStripe\Security\Tests\MemberAuthenticator;
use SilverStripe\Control\Cookie;
use SilverStripe\Control\HTTPRequest;
use SilverStripe\Control\Session;
use SilverStripe\Core\Config\Config;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\Security\Member;
use SilverStripe\Security\MemberAuthenticator\SessionAuthenticationHandler;
class SessionAuthenticationHandlerTest extends SapphireTest
{
protected static $fixture_file = 'SessionAuthenticationHandlerTest.yml';
protected $usesDatabase = true;
/**
@ -58,4 +60,20 @@ class SessionAuthenticationHandlerTest extends SapphireTest
$this->assertNotNull($matchedMember);
$this->assertEquals($matchedMember->Email, $member->Email);
}
public function testLoginMarkerCookie()
{
Config::modify()->set(Member::class, 'login_marker_cookie', 'sslogin');
/** @var Member $member */
$member = $this->objFromFixture(Member::class, 'test');
$this->logInAs($member);
$this->assertNotNull(Cookie::get('sslogin'), 'Login marker cookie is set after logging in');
$this->logOut();
$this->assertNull(Cookie::get('sslogin'), 'Login marker cookie is deleted after logging out');
}
}

11
tests/php/Security/MemberAuthenticator/SessionAuthenticationHandlerTest.yml Normal file
View File

@ -0,0 +1,11 @@
'SilverStripe\Security\Group':
usergroup:
Title: usergroup
Code: usergroup
'SilverStripe\Security\Member':
test:
FirstName: Test
Surname: User
Email: testuser@example.com
Password: 1nitialPassword
Groups: '=>SilverStripe\Security\Group.usergroup'