[catagits/Catalyst-Plugin-Session.git] / t / 02_session_data.t

#!/usr/bin/perl

use strict;
use warnings;

use Test::More tests => 25;
use Test::MockObject;
use Test::Deep;
use Test::Exception;

my $m;
BEGIN { use_ok( $m = "Catalyst::Plugin::Session" ) }

my %config;
my $log      = Test::MockObject->new;
my $req      = Test::MockObject->new;
my @mock_isa = ();
my %session;

$log->set_true(qw/fatal warn error/);

$req->set_always( address => "127.0.0.1" );

{

    package MockCxt;
    use base $m;
    sub new { bless {}, $_[0] }
    sub config  { \%config }
    sub log     { $log }
    sub request { $req }
    sub debug   { 0 }
    sub isa     { 1 }          # subvert the plugin tests, we're faking them
    sub get_session_data    { \%session }
    sub store_session_data  { }
    sub delete_session_data { }
}

{
    my $c = MockCxt->new;
    $c->setup;

    $c->_load_session;
    ok( !$c->_session, "without a session ID prepare doesn't load a session" );
}

{
    %config = ( session => { expires => 100 } );

    %session = (
        __expires => time() + 1000,
        __created => time(),
        __updated => time(),
        __address => "127.0.0.1",
    );

    my $c = MockCxt->new;
    $c->setup;

    $c->sessionid("decafbad");
    $c->_load_session;

    ok( $c->_session, 'session "restored" with session id' );
}

{
    %session = (
        __expires => time() - 100,    # a while ago
        __created => time() - 1000,
        __udpated => time() - 1000,
        __address => "127.0.0.1",
    );

    my $c = MockCxt->new;
    $c->setup;

    $c->sessionid("decafbad");
    $c->_load_session;

    ok( !$c->_session, "expired sessions are deleted" );
    like( $c->session_delete_reason, qr/expire/i, "with appropriate reason" );
    ok( !$c->sessionid, "sessionid is also cleared" );
}

{
    %session = (
        __expires => time() + 1000,
        __created => time(),
        __updated => time(),
        __address => "unlocalhost",
    );

    my $c = MockCxt->new;
    $c->setup;

    $c->sessionid("decafbad");
    $c->_load_session;

    ok( !$c->_session, "hijacked sessions are deleted" );
    like( $c->session_delete_reason, qr/mismatch/, "with appropriate reason" );
    ok( !$c->sessionid, "sessionid is also cleared" );
}

{
    %session = (
        __expires => time() + 1000,
        __created => time(),
        __updated => time(),
        __address => "unlocalhost",
    );

    $config{session}{verify_address} = 0;

    my $c = MockCxt->new;
    $c->setup;

    $c->sessionid("decafbad");
    $c->_load_session;

    ok( $c->_session, "address mismatch is OK if verify_address is disabled" );
}

{
    %session = ();
    %config  = ();

    my $now = time;

    my $c = MockCxt->new;
    $c->setup;
    $c->_load_session;

    ok( $c->session,   "creating a session works" );
    ok( $c->sessionid, "session id generated" );

    cmp_ok( $c->session->{__created}, ">=", $now, "__created time is logical" );
    cmp_ok( $c->session->{__updated}, ">=", $now, "__updated time is logical" );
    cmp_ok(
        $c->session->{__expires},
        ">=",
        ( $now + $config{session}{expires} ),
        "__expires time is logical"
    );
    is( $c->session->{__address},
        $c->request->address, "address is also correct" );

    cmp_deeply(
        [ keys %{ $c->_session } ],
        bag(qw/__expires __created __updated __address/),
        "initial keys in session are all there",
    );
}

{
    %session = (
        __expires => time() + 1000,
        __created => time(),
        __updated => time(),
        __address => "127.0.0.1",
    );

    $config{session}{expires} = 2000;

    my $c = MockCxt->new;
    $c->setup;

    my $now = time();

    $c->sessionid("decafbad");
    $c->_load_session;
    $c->finalize;

    ok( $c->_session,
        "session is still alive after 1/2 expired and finalized" );

    cmp_ok(
        $c->session->{__expires},
        ">=",
        $now + 2000,
        "session expires time extended"
    );
}

{
    my $c = MockCxt->new;
    $c->setup;

	dies_ok {
		$c->sessionid("user:foo");
	} "can't set invalid sessionid string";
}

{
    %session = (
        %session,
        __expire_keys => {
            foo => time - 1000,
            bar => time + 1000,
        },
        foo => 1,
        bar => 2,
        gorch => 3,
    );

    my $c = MockCxt->new;
    $c->setup;

    $c->sessionid("decafbad");
    $c->_load_session;
    $c->finalize;

    ok( !$c->session->{foo}, "foo was deleted, expired");
    ok( $c->session->{bar}, "bar not deleted - still valid");
    ok( $c->session->{gorch}, "gorch not deleted - no expiry");

    is_deeply( [ sort keys %{ $c->session->{__expire_keys} } ], [qw/bar/], "expiry entry only for bar");

    $c->session_expire_key( gorch => 10 );

    is_deeply( [ sort keys %{ $c->session->{__expire_keys} } ], [qw/bar gorch/], "expiry entries for bar and gorch");
}
Commit	Line	Data
9e447f9d	1	#!/usr/bin/perl
	2
	3	use strict;
	4	use warnings;
	5
b7acf64e	6	use Test::More tests => 25;
9e447f9d	7	use Test::MockObject;
9e447f9d	8	use Test::Deep;
0974ac06	9	use Test::Exception;
9e447f9d	10
45c0711b	11	my $m;
45c0711b	12	BEGIN { use_ok( $m = "Catalyst::Plugin::Session" ) }
9e447f9d	13
9e447f9d	14	my %config;
45c0711b	15	my $log = Test::MockObject->new;
45c0711b	16	my $req = Test::MockObject->new;
9e447f9d	17	my @mock_isa = ();
	18	my %session;
	19
0974ac06	20	$log->set_true(qw/fatal warn error/);
9e447f9d	21
45c0711b	22	$req->set_always( address => "127.0.0.1" );
9e447f9d	23
9e447f9d	24	{
45c0711b	25
	26	package MockCxt;
	27	use base $m;
	28	sub new { bless {}, $_[0] }
	29	sub config { \%config }
	30	sub log { $log }
	31	sub request { $req }
	32	sub debug { 0 }
	33	sub isa { 1 } # subvert the plugin tests, we're faking them
	34	sub get_session_data { \%session }
	35	sub store_session_data { }
	36	sub delete_session_data { }
9e447f9d	37	}
	38
	39	{
45c0711b	40	my $c = MockCxt->new;
45c0711b	41	$c->setup;
9e447f9d	42
29d15411	43	$c->_load_session;
0974ac06	44	ok( !$c->_session, "without a session ID prepare doesn't load a session" );
9e447f9d	45	}
	46
	47	{
45c0711b	48	%config = ( session => { expires => 100 } );
9e447f9d	49
45c0711b	50	%session = (
	51	__expires => time() + 1000,
	52	__created => time(),
	53	__updated => time(),
	54	__address => "127.0.0.1",
	55	);
9e447f9d	56
45c0711b	57	my $c = MockCxt->new;
45c0711b	58	$c->setup;
9e447f9d	59
0974ac06	60	$c->sessionid("decafbad");
29d15411	61	$c->_load_session;
9e447f9d	62
0974ac06	63	ok( $c->_session, 'session "restored" with session id' );
9e447f9d	64	}
	65
	66	{
45c0711b	67	%session = (
	68	__expires => time() - 100, # a while ago
	69	__created => time() - 1000,
	70	__udpated => time() - 1000,
	71	__address => "127.0.0.1",
	72	);
	73
	74	my $c = MockCxt->new;
	75	$c->setup;
	76
0974ac06	77	$c->sessionid("decafbad");
29d15411	78	$c->_load_session;
45c0711b	79
0974ac06	80	ok( !$c->_session, "expired sessions are deleted" );
45c0711b	81	like( $c->session_delete_reason, qr/expire/i, "with appropriate reason" );
45c0711b	82	ok( !$c->sessionid, "sessionid is also cleared" );
9e447f9d	83	}
	84
	85	{
45c0711b	86	%session = (
	87	__expires => time() + 1000,
	88	__created => time(),
	89	__updated => time(),
	90	__address => "unlocalhost",
	91	);
	92
	93	my $c = MockCxt->new;
	94	$c->setup;
	95
0974ac06	96	$c->sessionid("decafbad");
29d15411	97	$c->_load_session;
45c0711b	98
0974ac06	99	ok( !$c->_session, "hijacked sessions are deleted" );
45c0711b	100	like( $c->session_delete_reason, qr/mismatch/, "with appropriate reason" );
45c0711b	101	ok( !$c->sessionid, "sessionid is also cleared" );
9e447f9d	102	}
	103
	104	{
45c0711b	105	%session = (
	106	__expires => time() + 1000,
	107	__created => time(),
	108	__updated => time(),
	109	__address => "unlocalhost",
	110	);
9e447f9d	111
45c0711b	112	$config{session}{verify_address} = 0;
9e447f9d	113
45c0711b	114	my $c = MockCxt->new;
45c0711b	115	$c->setup;
9e447f9d	116
0974ac06	117	$c->sessionid("decafbad");
29d15411	118	$c->_load_session;
9e447f9d	119
0974ac06	120	ok( $c->_session, "address mismatch is OK if verify_address is disabled" );
9e447f9d	121	}
	122
	123	{
45c0711b	124	%session = ();
	125	%config = ();
	126
	127	my $now = time;
	128
	129	my $c = MockCxt->new;
	130	$c->setup;
29d15411	131	$c->_load_session;
45c0711b	132
	133	ok( $c->session, "creating a session works" );
	134	ok( $c->sessionid, "session id generated" );
	135
	136	cmp_ok( $c->session->{__created}, ">=", $now, "__created time is logical" );
	137	cmp_ok( $c->session->{__updated}, ">=", $now, "__updated time is logical" );
	138	cmp_ok(
	139	$c->session->{__expires},
	140	">=",
	141	( $now + $config{session}{expires} ),
	142	"__expires time is logical"
	143	);
	144	is( $c->session->{__address},
	145	$c->request->address, "address is also correct" );
	146
	147	cmp_deeply(
0974ac06	148	[ keys %{ $c->_session } ],
45c0711b	149	bag(qw/__expires __created __updated __address/),
	150	"initial keys in session are all there",
	151	);
9e447f9d	152	}
9e447f9d	153
9e447f9d	154	{
45c0711b	155	%session = (
	156	__expires => time() + 1000,
	157	__created => time(),
	158	__updated => time(),
	159	__address => "127.0.0.1",
	160	);
	161
	162	$config{session}{expires} = 2000;
9e447f9d	163
45c0711b	164	my $c = MockCxt->new;
45c0711b	165	$c->setup;
9e447f9d	166
45c0711b	167	my $now = time();
9e447f9d	168
0974ac06	169	$c->sessionid("decafbad");
29d15411	170	$c->_load_session;
45c0711b	171	$c->finalize;
9e447f9d	172
0974ac06	173	ok( $c->_session,
45c0711b	174	"session is still alive after 1/2 expired and finalized" );
9e447f9d	175
45c0711b	176	cmp_ok(
	177	$c->session->{__expires},
	178	">=",
	179	$now + 2000,
	180	"session expires time extended"
	181	);
b7acf64e	182	}
	183
	184	{
	185	my $c = MockCxt->new;
	186	$c->setup;
0974ac06	187
	188	dies_ok {
	189	$c->sessionid("user:foo");
	190	} "can't set invalid sessionid string";
9e447f9d	191	}
9e447f9d	192
b7acf64e	193	{
	194	%session = (
	195	%session,
	196	__expire_keys => {
	197	foo => time - 1000,
	198	bar => time + 1000,
	199	},
	200	foo => 1,
	201	bar => 2,
	202	gorch => 3,
	203	);
	204
	205	my $c = MockCxt->new;
	206	$c->setup;
	207
	208	$c->sessionid("decafbad");
29d15411	209	$c->_load_session;
b7acf64e	210	$c->finalize;
	211
	212	ok( !$c->session->{foo}, "foo was deleted, expired");
	213	ok( $c->session->{bar}, "bar not deleted - still valid");
	214	ok( $c->session->{gorch}, "gorch not deleted - no expiry");
	215
	216	is_deeply( [ sort keys %{ $c->session->{__expire_keys} } ], [qw/bar/], "expiry entry only for bar");
	217
	218	$c->session_expire_key( gorch => 10 );
	219
	220	is_deeply( [ sort keys %{ $c->session->{__expire_keys} } ], [qw/bar gorch/], "expiry entries for bar and gorch");
	221	}