Skip to content

Commit

Permalink
reworked deleting already deleted session test case
Browse files Browse the repository at this point in the history
  • Loading branch information
konradoboza committed Jun 4, 2024
1 parent 363f36d commit 1e30962
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 6 deletions.
2 changes: 1 addition & 1 deletion src/lib/Server/Controller/SessionController.php
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ public function refreshSessionAction($sessionId, Request $request)

$session = $request->getSession();

if ($session === null || !$session->isStarted() || $session->getId() != $sessionId || !$this->hasStoredCsrfToken()) {
if ($session === null || !$session->isStarted() || $session->getId() !== $sessionId || !$this->hasStoredCsrfToken()) {
return $this->logout($request);
}

Expand Down
13 changes: 8 additions & 5 deletions tests/bundle/Functional/SessionTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -142,14 +142,17 @@ public function testLoginWithExistingFrontendSession(): void
public function testDeleteSessionExpired(): void
{
$session = $this->login();
$deleteSessionRequest = $this->createDeleteRequest($session);

$this->sendHttpRequest($this->createDeleteRequest($session));

//triggered again to make sure deleting already deleted session is not possible
$response = $this->sendHttpRequest($this->createDeleteRequest($session));
$response = $this->sendHttpRequest($deleteSessionRequest);
dump($response);
self::assertHttpResponseCodeEquals($response, 204);
self::assertHttpResponseDeletesSessionCookie($session, $response);

//triggered again to make sure deleting already deleted session results in 404
$response = $this->sendHttpRequest($deleteSessionRequest);
dd($response);
self::assertHttpResponseCodeEquals($response, 404);

Check failure on line 155 in tests/bundle/Functional/SessionTest.php

View workflow job for this annotation

GitHub Actions / Unit & integration tests (8.3)

Unreachable statement - code above always terminates.
self::assertHttpResponseDeletesSessionCookie($session, $response);
}

protected function createRefreshRequest(stdClass $session): RequestInterface
Expand Down

0 comments on commit 1e30962

Please sign in to comment.