Do not create remember me cookie

Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl 2020-04-21 10:54:22 +02:00
parent 84330f1d36
commit 2eadf9d567
No known key found for this signature in database
GPG Key ID: 4C614C6ED2CDE6DF
2 changed files with 30 additions and 3 deletions

View File

@ -26,18 +26,22 @@ declare(strict_types=1);
namespace OC\Authentication\Login; namespace OC\Authentication\Login;
use OC\User\Session; use OC\User\Session;
use OCP\IConfig;
class FinishRememberedLoginCommand extends ALoginCommand { class FinishRememberedLoginCommand extends ALoginCommand {
/** @var Session */ /** @var Session */
private $userSession; private $userSession;
/** @var IConfig */
private $config;
public function __construct(Session $userSession) { public function __construct(Session $userSession, IConfig $config) {
$this->userSession = $userSession; $this->userSession = $userSession;
$this->config = $config;
} }
public function process(LoginData $loginData): LoginResult { public function process(LoginData $loginData): LoginResult {
if ($loginData->isRememberLogin()) { if ($loginData->isRememberLogin() && $this->config->getSystemValue('auto_logout', false) === false) {
$this->userSession->createRememberMeToken($loginData->getUser()); $this->userSession->createRememberMeToken($loginData->getUser());
} }

View File

@ -27,20 +27,25 @@ namespace lib\Authentication\Login;
use OC\Authentication\Login\FinishRememberedLoginCommand; use OC\Authentication\Login\FinishRememberedLoginCommand;
use OC\User\Session; use OC\User\Session;
use OCP\IConfig;
use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\MockObject\MockObject;
class FinishRememberedLoginCommandTest extends ALoginCommandTest { class FinishRememberedLoginCommandTest extends ALoginCommandTest {
/** @var Session|MockObject */ /** @var Session|MockObject */
private $userSession; private $userSession;
/** @var IConfig|MockObject */
private $config;
protected function setUp(): void { protected function setUp(): void {
parent::setUp(); parent::setUp();
$this->userSession = $this->createMock(Session::class); $this->userSession = $this->createMock(Session::class);
$this->config = $this->createMock(IConfig::class);
$this->cmd = new FinishRememberedLoginCommand( $this->cmd = new FinishRememberedLoginCommand(
$this->userSession $this->userSession,
$this->config
); );
} }
@ -57,6 +62,10 @@ class FinishRememberedLoginCommandTest extends ALoginCommandTest {
public function testProcess() { public function testProcess() {
$data = $this->getLoggedInLoginData(); $data = $this->getLoggedInLoginData();
$this->config->expects($this->once())
->method('getSystemValue')
->with('auto_logout', false)
->willReturn(false);
$this->userSession->expects($this->once()) $this->userSession->expects($this->once())
->method('createRememberMeToken') ->method('createRememberMeToken')
->with($this->user); ->with($this->user);
@ -65,4 +74,18 @@ class FinishRememberedLoginCommandTest extends ALoginCommandTest {
$this->assertTrue($result->isSuccess()); $this->assertTrue($result->isSuccess());
} }
public function testProcessNotRemeberedLoginWithAutologout() {
$data = $this->getLoggedInLoginData();
$this->config->expects($this->once())
->method('getSystemValue')
->with('auto_logout', false)
->willReturn(true);
$this->userSession->expects($this->never())
->method('createRememberMeToken');
$result = $this->cmd->process($data);
$this->assertTrue($result->isSuccess());
}
} }