Refactor captcha session to use internal session id

[MAILPOET-2343]
Rostislav Wolny
2019-09-24 17:31:18 +02:00
committed by Jack Kitterhing
parent 5a33946ea8
commit 704117d37d
2 changed files with 20 additions and 48 deletions


@@ -2,11 +2,12 @@
namespace MailPoet\Subscription; namespace MailPoet\Subscription;
use MailPoet\Config\Session; use MailPoet\Util\Security;
use MailPoet\WP\Functions as WPFunctions; use MailPoet\WP\Functions as WPFunctions;
class CaptchaSession { class CaptchaSession {
const EXPIRATION = 1800; // 30 minutes const EXPIRATION = 1800; // 30 minutes
const ID_LENGTH = 32;
const SESSION_HASH_KEY = 'hash'; const SESSION_HASH_KEY = 'hash';
const SESSION_FORM_KEY = 'form'; const SESSION_FORM_KEY = 'form';
@@ -14,16 +15,22 @@ class CaptchaSession {
/** @var WPFunctions */ /** @var WPFunctions */
private $wp; private $wp;
/** @var Session */ /** @var string */
private $session; private $id;
function __construct(WPFunctions $wp, Session $session) { function __construct(WPFunctions $wp) {
$this->wp = $wp; $this->wp = $wp;
$this->session = $session;
} }
function isAvailable() { function init($id = null) {
return $this->session->getId() !== null; $this->id = $id ?: Security::generateRandomString(self::ID_LENGTH);
}
function getId() {
if ($this->id === null) {
throw new \Exception("MailPoet captcha session not initialized.");
}
return $this->id;
} }
function reset() { function reset() {
@@ -48,10 +55,6 @@ class CaptchaSession {
} }
private function getKey($type) { private function getKey($type) {
$session_id = $this->session->getId(); return implode('_', ['MAILPOET', $this->getId(), $type]);
if ($session_id === null) {
throw new \Exception("MailPoet session not initialized.");
}
return implode('_', ['MAILPOET', $session_id, $type]);
} }
} }
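Review bot: The new `init($id = null)` stores whatever id the caller passes, with no type, length or character check, and `getKey()` then concatenates it into the storage key via `implode('_', ['MAILPOET', $this->getId(), $type])`. The callers are outside this diff, but if the id is taken from a request, then an array, an overlong string or a value containing `_` would reach the key unchanged. Because the cookie-backed `Session` is gone, the id is also the only thing tying stored form data to a visitor, so it should be treated as a secret and kept well-formed. Assuming `Security::generateRandomString()` yields alphanumerics (not visible here), a guard such as `$this->id = (is_string($id) && preg_match('/^[A-Za-z0-9]{1,32}$/', $id)) ? $id : Security::generateRandomString(self::ID_LENGTH);` would also replace the loose `?:` test. A short docblock on `init()` stating that it must be called before `getId()`, `reset()` or any getter/setter would document the new exception path.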


@@ -1,61 +1,33 @@
<?php <?php
namespace MailPoet\Test\Subscription; namespace MailPoet\Test\Subscription;
use MailPoet\Config\Session;
use MailPoet\Subscription\CaptchaSession; use MailPoet\Subscription\CaptchaSession;
use MailPoet\Util\Cookies;
use MailPoet\WP\Functions as WPFunctions; use MailPoet\WP\Functions as WPFunctions;
use PHPUnit_Framework_MockObject_MockObject as MockObject;
class CaptchaSessionTest extends \MailPoetTest { class CaptchaSessionTest extends \MailPoetTest {
const SESSION_ID = 'ABCD';
/** @var CaptchaSession */ /** @var CaptchaSession */
private $captcha_session; private $captcha_session;
/** @var MockObject */
private $cookies_mock;
function _before() { function _before() {
$this->cookies_mock = $this->createMock(Cookies::class); $this->captcha_session = new CaptchaSession(new WPFunctions);
$this->captcha_session = new CaptchaSession(new WPFunctions, new Session($this->cookies_mock)); $this->captcha_session->init(self::SESSION_ID);
}
function testIsAvailableWhenCookieExists() {
$this->cookies_mock
->method('get')
->willReturn('abcd');
expect($this->captcha_session->isAvailable())->true();
}
function testIsNotAvailableWhenCookieDoesntExits() {
$this->cookies_mock
->method('get')
->willReturn(null);
expect($this->captcha_session->isAvailable())->false();
} }
function testItCanStoreAndRetrieveFormData() { function testItCanStoreAndRetrieveFormData() {
$this->cookies_mock
->method('get')
->willReturn('abcd');
$form_data = ['email' => 'email@example.com']; $form_data = ['email' => 'email@example.com'];
$this->captcha_session->setFormData($form_data); $this->captcha_session->setFormData($form_data);
expect($this->captcha_session->getFormData())->equals($form_data); expect($this->captcha_session->getFormData())->equals($form_data);
} }
function testItCanStoreAndRetrieveCaptchaHash() { function testItCanStoreAndRetrieveCaptchaHash() {
$this->cookies_mock
->method('get')
->willReturn('abcd');
$hash = '1234'; $hash = '1234';
$this->captcha_session->setCaptchaHash($hash); $this->captcha_session->setCaptchaHash($hash);
expect($this->captcha_session->getCaptchaHash())->equals($hash); expect($this->captcha_session->getCaptchaHash())->equals($hash);
} }
function testItCanResetSessionData() { function testItCanResetSessionData() {
$this->cookies_mock
->method('get')
->willReturn('abcd');
$this->captcha_session->setFormData(['email' => 'email@example.com']); $this->captcha_session->setFormData(['email' => 'email@example.com']);
$this->captcha_session->setCaptchaHash('hash123'); $this->captcha_session->setCaptchaHash('hash123');
$this->captcha_session->reset(); $this->captcha_session->reset();
@@ -64,15 +36,12 @@ class CaptchaSessionTest extends \MailPoetTest {
} }
function testItAssociatesDataWithSession() { function testItAssociatesDataWithSession() {
$session1 = 'abcd';
$session2 = 'efgh';
$this->cookies_mock
->method('get')
->willReturnOnConsecutiveCalls($session1, $session1, $session2, $session1);
$hash = '1234'; $hash = '1234';
$this->captcha_session->setCaptchaHash($hash); $this->captcha_session->setCaptchaHash($hash);
expect($this->captcha_session->getCaptchaHash())->equals($hash); expect($this->captcha_session->getCaptchaHash())->equals($hash);
$this->captcha_session->init();
expect($this->captcha_session->getCaptchaHash())->false(); expect($this->captcha_session->getCaptchaHash())->false();
$this->captcha_session->init(self::SESSION_ID);
expect($this->captcha_session->getCaptchaHash())->equals($hash); expect($this->captcha_session->getCaptchaHash())->equals($hash);
} }
} }
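Review bot: The removed `isAvailable` tests are not replaced by anything covering the two new behaviours of `CaptchaSession`. One is the exception `getId()` throws when `init()` was never called, and the other is the id that `init()` generates when called without an argument. `_before()` always calls `init(self::SESSION_ID)`, so the uninitialized path is never reached. `testItAssociatesDataWithSession` only checks indirectly that `init()` produces a different id from `'ABCD'`. I would add one test that builds `new CaptchaSession(new WPFunctions)` without `init()` and expects the exception from `getId()`. A second should assert `strlen($this->captcha_session->getId()) === CaptchaSession::ID_LENGTH` after a bare `init()`, and that two bare `init()` calls give different ids.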