sonot
/
PteroTheme
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add test, fix behavior of model creation

This commit is contained in:
Dane Everitt 2018-07-14 22:58:33 -07:00
parent 550c622d3b
commit 8bbe6bc279
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
2 changed files with 23 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Http/Middleware/Api/AuthenticateKey.php
View File

@ -68,15 +68,15 @@ class AuthenticateKey
// This is a request coming through using cookies, we have an authenticated user not using // This is a request coming through using cookies, we have an authenticated user not using
// an API key. Make some fake API key models and continue on through the process. // an API key. Make some fake API key models and continue on through the process.
if (empty($raw) && $request->user() instanceof User) { if (empty($raw) && $request->user() instanceof User) {
$model = new ApiKey([ $model = (new ApiKey())->forceFill([
'user_id' => $request->user()->id, 'user_id' => $request->user()->id,
'key_type' => ApiKey::TYPE_ACCOUNT, 'key_type' => ApiKey::TYPE_ACCOUNT,
]); ]);
} else { } else {
$model = $this->authenticateApiKey($raw, $keyType); $model = $this->authenticateApiKey($raw, $keyType);
$this->auth->guard()->loginUsingId($model->user_id);
} }
$this->auth->guard()->loginUsingId($model->user_id);
$request->attributes->set('api_key', $model); $request->attributes->set('api_key', $model);
return $next($request); return $next($request);

21
tests/Unit/Http/Middleware/API/AuthenticateKeyTest.php
View File

@ -4,6 +4,7 @@ namespace Tests\Unit\Http\Middleware\API;
use Mockery as m; use Mockery as m;
use Cake\Chronos\Chronos; use Cake\Chronos\Chronos;
use Pterodactyl\Models\User;
use Pterodactyl\Models\ApiKey; use Pterodactyl\Models\ApiKey;
use Illuminate\Auth\AuthManager; use Illuminate\Auth\AuthManager;
use Illuminate\Contracts\Encryption\Encrypter; use Illuminate\Contracts\Encryption\Encrypter;
@ -48,6 +49,7 @@ class AuthenticateKeyTest extends MiddlewareTestCase
*/ */
public function testMissingBearerTokenThrowsException() public function testMissingBearerTokenThrowsException()
{ {
$this->request->shouldReceive('user')->andReturnNull();
$this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturnNull(); $this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturnNull();
try { try {
@ -117,6 +119,25 @@ class AuthenticateKeyTest extends MiddlewareTestCase
$this->assertEquals($model, $this->request->attributes->get('api_key')); $this->assertEquals($model, $this->request->attributes->get('api_key'));
} }
/**
* Test that we can still make it though this middleware if the user is logged in and passing
* through a cookie.
*/
public function testAccessWithoutToken()
{
$user = factory(User::class)->make(['id' => 123]);
$this->request->shouldReceive('user')->andReturn($user);
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturnNull();
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions(), ApiKey::TYPE_ACCOUNT);
$model = $this->request->attributes->get('api_key');
$this->assertSame(ApiKey::TYPE_ACCOUNT, $model->key_type);
$this->assertSame(123, $model->user_id);
$this->assertNull($model->identifier);
}
/** /**
* Test that a valid token identifier with an invalid token attached to it * Test that a valid token identifier with an invalid token attached to it
* triggers an exception. * triggers an exception.