tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

API: add SecurityToken::reset() as a shortcut for regenerating a secure token.

Browse Source 
See http://open.silverstripe.org/ticket/6303
This commit is contained in:
Will Rossiter 2012-07-01 20:53:58 +12:00
parent 23ed5335e6
commit f9ea5430bb
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
security/SecurityToken.php
View File

@ -147,6 +147,13 @@ class SecurityToken extends Object implements TemplateGlobalProvider {
Session::set($this->getName(), $val); Session::set($this->getName(), $val);
} }
/**
* Reset the token to a new value.
*/
public function reset() {
$this->setValue($this->generate());
}
/** /**
* Checks for an existing CSRF token in the current users session. * Checks for an existing CSRF token in the current users session.
* This check is automatically performed in {@link Form->httpSubmission()} * This check is automatically performed in {@link Form->httpSubmission()}
@ -291,6 +298,5 @@ class NullSecurityToken extends SecurityToken {
*/ */
function generate() { function generate() {
return null; return null;
} }
}
}

8
tests/security/SecurityTokenTest.php
View File

@ -65,6 +65,14 @@ class SecurityTokenTest extends SapphireTest {
$t->setValue('mytoken'); $t->setValue('mytoken');
$this->assertTrue($t->check('mytoken'), 'Valid token returns true'); $this->assertTrue($t->check('mytoken'), 'Valid token returns true');
} }
function testReset() {
$t = new SecurityToken();
$initialValue = $t->getValue();
$t->reset();
$this->assertNotEquals($t->getValue(), $initialValue);
}
function testCheckRequest() { function testCheckRequest() {
$t = new SecurityToken(); $t = new SecurityToken();