Commit | Line | Data |
9e447f9d |
1 | #!/usr/bin/perl |
2 | |
3 | use strict; |
4 | use warnings; |
5 | |
0974ac06 |
6 | use Test::More tests => 20; |
9e447f9d |
7 | use Test::MockObject; |
8 | use Test::Deep; |
0974ac06 |
9 | use Test::Exception; |
9e447f9d |
10 | |
45c0711b |
11 | my $m; |
12 | BEGIN { use_ok( $m = "Catalyst::Plugin::Session" ) } |
9e447f9d |
13 | |
14 | my %config; |
45c0711b |
15 | my $log = Test::MockObject->new; |
16 | my $req = Test::MockObject->new; |
9e447f9d |
17 | my @mock_isa = (); |
18 | my %session; |
19 | |
0974ac06 |
20 | $log->set_true(qw/fatal warn error/); |
9e447f9d |
21 | |
45c0711b |
22 | $req->set_always( address => "127.0.0.1" ); |
9e447f9d |
23 | |
24 | { |
45c0711b |
25 | |
26 | package MockCxt; |
27 | use base $m; |
28 | sub new { bless {}, $_[0] } |
29 | sub config { \%config } |
30 | sub log { $log } |
31 | sub request { $req } |
32 | sub debug { 0 } |
33 | sub isa { 1 } # subvert the plugin tests, we're faking them |
34 | sub get_session_data { \%session } |
35 | sub store_session_data { } |
36 | sub delete_session_data { } |
9e447f9d |
37 | } |
38 | |
39 | { |
45c0711b |
40 | my $c = MockCxt->new; |
41 | $c->setup; |
9e447f9d |
42 | |
45c0711b |
43 | $c->prepare_action; |
0974ac06 |
44 | ok( !$c->_session, "without a session ID prepare doesn't load a session" ); |
9e447f9d |
45 | } |
46 | |
47 | { |
45c0711b |
48 | %config = ( session => { expires => 100 } ); |
9e447f9d |
49 | |
45c0711b |
50 | %session = ( |
51 | __expires => time() + 1000, |
52 | __created => time(), |
53 | __updated => time(), |
54 | __address => "127.0.0.1", |
55 | ); |
9e447f9d |
56 | |
45c0711b |
57 | my $c = MockCxt->new; |
58 | $c->setup; |
9e447f9d |
59 | |
0974ac06 |
60 | $c->sessionid("decafbad"); |
45c0711b |
61 | $c->prepare_action; |
9e447f9d |
62 | |
0974ac06 |
63 | ok( $c->_session, 'session "restored" with session id' ); |
9e447f9d |
64 | } |
65 | |
66 | { |
45c0711b |
67 | %session = ( |
68 | __expires => time() - 100, # a while ago |
69 | __created => time() - 1000, |
70 | __udpated => time() - 1000, |
71 | __address => "127.0.0.1", |
72 | ); |
73 | |
74 | my $c = MockCxt->new; |
75 | $c->setup; |
76 | |
0974ac06 |
77 | $c->sessionid("decafbad"); |
45c0711b |
78 | $c->prepare_action; |
79 | |
0974ac06 |
80 | ok( !$c->_session, "expired sessions are deleted" ); |
45c0711b |
81 | like( $c->session_delete_reason, qr/expire/i, "with appropriate reason" ); |
82 | ok( !$c->sessionid, "sessionid is also cleared" ); |
9e447f9d |
83 | } |
84 | |
85 | { |
45c0711b |
86 | %session = ( |
87 | __expires => time() + 1000, |
88 | __created => time(), |
89 | __updated => time(), |
90 | __address => "unlocalhost", |
91 | ); |
92 | |
93 | my $c = MockCxt->new; |
94 | $c->setup; |
95 | |
0974ac06 |
96 | $c->sessionid("decafbad"); |
45c0711b |
97 | $c->prepare_action; |
98 | |
0974ac06 |
99 | ok( !$c->_session, "hijacked sessions are deleted" ); |
45c0711b |
100 | like( $c->session_delete_reason, qr/mismatch/, "with appropriate reason" ); |
101 | ok( !$c->sessionid, "sessionid is also cleared" ); |
9e447f9d |
102 | } |
103 | |
104 | { |
45c0711b |
105 | %session = ( |
106 | __expires => time() + 1000, |
107 | __created => time(), |
108 | __updated => time(), |
109 | __address => "unlocalhost", |
110 | ); |
9e447f9d |
111 | |
45c0711b |
112 | $config{session}{verify_address} = 0; |
9e447f9d |
113 | |
45c0711b |
114 | my $c = MockCxt->new; |
115 | $c->setup; |
9e447f9d |
116 | |
0974ac06 |
117 | $c->sessionid("decafbad"); |
45c0711b |
118 | $c->prepare_action; |
9e447f9d |
119 | |
0974ac06 |
120 | ok( $c->_session, "address mismatch is OK if verify_address is disabled" ); |
9e447f9d |
121 | } |
122 | |
123 | { |
45c0711b |
124 | %session = (); |
125 | %config = (); |
126 | |
127 | my $now = time; |
128 | |
129 | my $c = MockCxt->new; |
130 | $c->setup; |
131 | $c->prepare_action; |
132 | |
133 | ok( $c->session, "creating a session works" ); |
134 | ok( $c->sessionid, "session id generated" ); |
135 | |
136 | cmp_ok( $c->session->{__created}, ">=", $now, "__created time is logical" ); |
137 | cmp_ok( $c->session->{__updated}, ">=", $now, "__updated time is logical" ); |
138 | cmp_ok( |
139 | $c->session->{__expires}, |
140 | ">=", |
141 | ( $now + $config{session}{expires} ), |
142 | "__expires time is logical" |
143 | ); |
144 | is( $c->session->{__address}, |
145 | $c->request->address, "address is also correct" ); |
146 | |
147 | cmp_deeply( |
0974ac06 |
148 | [ keys %{ $c->_session } ], |
45c0711b |
149 | bag(qw/__expires __created __updated __address/), |
150 | "initial keys in session are all there", |
151 | ); |
9e447f9d |
152 | } |
153 | |
9e447f9d |
154 | { |
45c0711b |
155 | %session = ( |
156 | __expires => time() + 1000, |
157 | __created => time(), |
158 | __updated => time(), |
159 | __address => "127.0.0.1", |
160 | ); |
161 | |
162 | $config{session}{expires} = 2000; |
9e447f9d |
163 | |
45c0711b |
164 | my $c = MockCxt->new; |
165 | $c->setup; |
9e447f9d |
166 | |
45c0711b |
167 | my $now = time(); |
9e447f9d |
168 | |
0974ac06 |
169 | $c->sessionid("decafbad"); |
45c0711b |
170 | $c->prepare_action; |
171 | $c->finalize; |
9e447f9d |
172 | |
0974ac06 |
173 | ok( $c->_session, |
45c0711b |
174 | "session is still alive after 1/2 expired and finalized" ); |
9e447f9d |
175 | |
45c0711b |
176 | cmp_ok( |
177 | $c->session->{__expires}, |
178 | ">=", |
179 | $now + 2000, |
180 | "session expires time extended" |
181 | ); |
0974ac06 |
182 | |
183 | dies_ok { |
184 | $c->sessionid("user:foo"); |
185 | } "can't set invalid sessionid string"; |
9e447f9d |
186 | } |
187 | |