silverstripe-framework/tests/security/RandomGeneratorTest.php
Mateusz Uzdowski a8b0e44d98 API Hash autologin tokens before storing in the database.
Refactor the code to make it clear the distinction is made between a
plaintext token and a hashed version. Rename fields so it is more
obvious what is being written and what sent out to the user.

This reuses the salt and algorithm from the Member, which are kept
constant throughout the Member lifetime in a normal scenario. If they do
change, users will need to re-request so the hashes can be regenerated.
2012-11-09 11:29:42 +01:00

28 lines
712 B
PHP

<?php
/**
* @package framework
* @subpackage tests
* @author Ingo Schommer
*/
class RandomGeneratorTest extends SapphireTest {
public function testGenerateEntropy() {
$r = new RandomGenerator();
$this->assertNotNull($r->generateEntropy());
$this->assertNotEquals($r->generateEntropy(), $r->generateEntropy());
}
public function testGenerateHash() {
$r = new RandomGenerator();
$this->assertNotNull($r->randomToken());
$this->assertNotEquals($r->randomToken(), $r->randomToken());
}
public function testGenerateHashWithAlgorithm() {
$r = new RandomGenerator();
$this->assertNotNull($r->randomToken('md5'));
$this->assertNotEquals($r->randomToken(), $r->randomToken('md5'));
}
}