diff options
-rw-r--r-- | config/app.php | 2 | ||||
-rw-r--r-- | src/Middleware/RouteDispatcher.php | 4 | ||||
-rw-r--r-- | src/Middleware/SessionHandler.php | 59 | ||||
-rw-r--r-- | src/Middleware/SessionHandlerServiceProvider.php | 24 | ||||
-rw-r--r-- | tests/Unit/Middleware/RouteDispatcherTest.php | 3 | ||||
-rw-r--r-- | tests/Unit/Middleware/SessionHandlerServiceProviderTest.php | 44 | ||||
-rw-r--r-- | tests/Unit/Middleware/SessionHandlerTest.php | 61 |
7 files changed, 195 insertions, 2 deletions
diff --git a/config/app.php b/config/app.php index 7ba3509e..17fdee11 100644 --- a/config/app.php +++ b/config/app.php @@ -24,6 +24,7 @@ return [ \Engelsystem\Renderer\TwigServiceProvider::class, \Engelsystem\Middleware\RouteDispatcherServiceProvider::class, \Engelsystem\Middleware\RequestHandlerServiceProvider::class, + \Engelsystem\Middleware\SessionHandlerServiceProvider::class, // Additional services \Engelsystem\Mail\MailerServiceProvider::class, @@ -43,6 +44,7 @@ return [ \Engelsystem\Middleware\ErrorHandler::class, \Engelsystem\Middleware\VerifyCsrfToken::class, \Engelsystem\Middleware\RouteDispatcher::class, + \Engelsystem\Middleware\SessionHandler::class, // Handle request \Engelsystem\Middleware\RequestHandler::class, diff --git a/src/Middleware/RouteDispatcher.php b/src/Middleware/RouteDispatcher.php index 24a7906d..c20eba4b 100644 --- a/src/Middleware/RouteDispatcher.php +++ b/src/Middleware/RouteDispatcher.php @@ -50,7 +50,8 @@ class RouteDispatcher implements MiddlewareInterface $path = $request->getPathInfo(); } - $route = $this->dispatcher->dispatch($request->getMethod(), urldecode($path)); + $path = urldecode($path); + $route = $this->dispatcher->dispatch($request->getMethod(), $path); $status = $route[0]; if ($status == FastRouteDispatcher::NOT_FOUND) { @@ -70,6 +71,7 @@ class RouteDispatcher implements MiddlewareInterface $routeHandler = $route[1]; $request = $request->withAttribute('route-request-handler', $routeHandler); + $request = $request->withAttribute('route-request-path', $path); $vars = $route[2]; foreach ($vars as $name => $value) { diff --git a/src/Middleware/SessionHandler.php b/src/Middleware/SessionHandler.php new file mode 100644 index 00000000..8c53b0fd --- /dev/null +++ b/src/Middleware/SessionHandler.php @@ -0,0 +1,59 @@ +<?php + +namespace Engelsystem\Middleware; + +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\MiddlewareInterface; +use Psr\Http\Server\RequestHandlerInterface; +use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage; +use Symfony\Component\HttpFoundation\Session\Storage\SessionStorageInterface; + +class SessionHandler implements MiddlewareInterface +{ + /** @var SessionStorageInterface */ + protected $session; + + /** @var string[] */ + protected $paths = []; + + /** + * @param SessionStorageInterface $session + * @param array $paths + */ + public function __construct(SessionStorageInterface $session, array $paths = []) + { + $this->paths = $paths; + $this->session = $session; + } + + /** + * @param ServerRequestInterface $request + * @param RequestHandlerInterface $handler + * @return ResponseInterface + */ + public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface + { + $return = $handler->handle($request); + + $cookies = $request->getCookieParams(); + if ( + $this->session instanceof NativeSessionStorage + && in_array($request->getAttribute('route-request-path'), $this->paths) + && !isset($cookies[$this->session->getName()]) + ) { + $this->destroyNative(); + } + + return $return; + } + + /** + * @return bool + * @codeCoverageIgnore + */ + protected function destroyNative() + { + return session_destroy(); + } +} diff --git a/src/Middleware/SessionHandlerServiceProvider.php b/src/Middleware/SessionHandlerServiceProvider.php new file mode 100644 index 00000000..aefcb674 --- /dev/null +++ b/src/Middleware/SessionHandlerServiceProvider.php @@ -0,0 +1,24 @@ +<?php + +namespace Engelsystem\Middleware; + +use Engelsystem\Container\ServiceProvider; + +class SessionHandlerServiceProvider extends ServiceProvider +{ + public function register() + { + $this->app + ->when(SessionHandler::class) + ->needs('$paths') + ->give(function () { + return [ + '/api', + '/ical', + '/metrics', + '/shifts-json-export', + '/stats', + ]; + }); + } +} diff --git a/tests/Unit/Middleware/RouteDispatcherTest.php b/tests/Unit/Middleware/RouteDispatcherTest.php index 611d3b7c..d6ed3408 100644 --- a/tests/Unit/Middleware/RouteDispatcherTest.php +++ b/tests/Unit/Middleware/RouteDispatcherTest.php @@ -32,10 +32,11 @@ class RouteDispatcherTest extends TestCase ->with('HEAD', '/foo!bar') ->willReturn([FastRouteDispatcher::FOUND, $handler, ['foo' => 'bar', 'lorem' => 'ipsum']]); - $request->expects($this->exactly(3)) + $request->expects($this->exactly(4)) ->method('withAttribute') ->withConsecutive( ['route-request-handler', $handler], + ['route-request-path', '/foo!bar'], ['foo', 'bar'], ['lorem', 'ipsum'] ) diff --git a/tests/Unit/Middleware/SessionHandlerServiceProviderTest.php b/tests/Unit/Middleware/SessionHandlerServiceProviderTest.php new file mode 100644 index 00000000..bb4f7e92 --- /dev/null +++ b/tests/Unit/Middleware/SessionHandlerServiceProviderTest.php @@ -0,0 +1,44 @@ +<?php + +namespace Engelsystem\Test\Unit\Middleware; + +use Engelsystem\Middleware\SessionHandler; +use Engelsystem\Middleware\SessionHandlerServiceProvider; +use Engelsystem\Test\Unit\ServiceProviderTest; +use Illuminate\Contracts\Container\ContextualBindingBuilder; +use PHPUnit\Framework\MockObject\MockObject; + +class SessionHandlerServiceProviderTest extends ServiceProviderTest +{ + /** + * @covers \Engelsystem\Middleware\SessionHandlerServiceProvider::register() + */ + public function testRegister() + { + /** @var ContextualBindingBuilder|MockObject $bindingBuilder */ + $bindingBuilder = $this->createMock(ContextualBindingBuilder::class); + $app = $this->getApp(['when']); + + $app->expects($this->once()) + ->method('when') + ->with(SessionHandler::class) + ->willReturn($bindingBuilder); + + $bindingBuilder->expects($this->once()) + ->method('needs') + ->with('$paths') + ->willReturn($bindingBuilder); + + $bindingBuilder->expects($this->once()) + ->method('give') + ->willReturnCallback(function (callable $callable) { + $paths = $callable(); + + $this->assertTrue(is_array($paths)); + $this->assertTrue(in_array('/metrics', $paths)); + }); + + $serviceProvider = new SessionHandlerServiceProvider($app); + $serviceProvider->register(); + } +} diff --git a/tests/Unit/Middleware/SessionHandlerTest.php b/tests/Unit/Middleware/SessionHandlerTest.php new file mode 100644 index 00000000..4abd71a6 --- /dev/null +++ b/tests/Unit/Middleware/SessionHandlerTest.php @@ -0,0 +1,61 @@ +<?php + +namespace Engelsystem\Test\Unit\Middleware; + +use Engelsystem\Middleware\SessionHandler; +use PHPUnit\Framework\TestCase; +use PHPUnit_Framework_MockObject_MockObject as MockObject; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Server\RequestHandlerInterface; +use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage; + +class SessionHandlerTest extends TestCase +{ + /** + * @covers \Engelsystem\Middleware\SessionHandler::__construct + * @covers \Engelsystem\Middleware\SessionHandler::process + */ + public function testProcess() + { + /** @var NativeSessionStorage|MockObject $sessionStorage */ + $sessionStorage = $this->createMock(NativeSessionStorage::class); + /** @var ServerRequestInterface|MockObject $request */ + $request = $this->getMockForAbstractClass(ServerRequestInterface::class); + /** @var RequestHandlerInterface|MockObject $handler */ + $handler = $this->getMockForAbstractClass(RequestHandlerInterface::class); + /** @var ResponseInterface|MockObject $response */ + $response = $this->getMockForAbstractClass(ResponseInterface::class); + + $handler->expects($this->exactly(2)) + ->method('handle') + ->with($request) + ->willReturn($response); + + $request->expects($this->exactly(2)) + ->method('getCookieParams') + ->willReturnOnConsecutiveCalls([], ['SESSION' => 'BlaFoo']); + + $request->expects($this->exactly(2)) + ->method('getAttribute') + ->with('route-request-path') + ->willReturn('/foo'); + + $sessionStorage->expects($this->exactly(2)) + ->method('getName') + ->willReturn('SESSION'); + + /** @var SessionHandler|MockObject $middleware */ + $middleware = $this->getMockBuilder(SessionHandler::class) + ->setConstructorArgs([$sessionStorage, ['/foo']]) + ->setMethods(['destroyNative']) + ->getMock(); + + $middleware->expects($this->once()) + ->method('destroyNative') + ->willReturn(true); + + $middleware->process($request, $handler); + $middleware->process($request, $handler); + } +} |