| public bootSession ( ) : ElggUser | null | ||
| return | ElggUser | null | |
public function bootSession()
{
if (!$this->cookie_token) {
return null;
}
// is this token good?
$cookie_hash = $this->hashToken($this->cookie_token);
$user = $this->getUserFromHash($cookie_hash);
if ($user) {
$this->setSession($this->cookie_token);
// note: if the token is legacy, we don't both replacing it here because
// it will be replaced during the next request boot
return $user;
} else {
if ($this->isLegacyToken($this->cookie_token)) {
// may be attempt to brute force legacy low-entropy tokens
call_user_func($this->_callable_sleep, 1);
}
$this->setCookie('');
}
} function testBootSessionWithInvalidLegacyTokenCausesDelayAndFailure()
{
$this->dbMock->expects($this->once())->method('getDataRow')->will($this->returnValue(array()));
$this->svc = $this->getSvcWithCookie(str_repeat('b', 32));
$user = $this->svc->bootSession();
$this->assertSame(1, $this->timeSlept);
$this->assertSame('', $this->lastCookieSet->value);
$this->assertSame($this->thirtyDaysAgo, $this->lastCookieSet->expire);
$this->assertNull($user);
}