add getCookieConfig for testing cookies
hobbitronics committed Aug 12, 2024
1 parent be6147f commit 8c08b90
Showing 8 changed files with 100 additions and 364 deletions.
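--- a/application/tests/api/AuthCest.php
+++ b/application/tests/api/AuthCest.php
@@ -16,10 +16,7 @@ public function test3(ApiTester $I)
 {
 $I->wantTo('check response when making a POST request for logging in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendPOST('/auth/login');
 $I->seeResponseCodeIs(302);
 }
@@ -28,10 +25,7 @@ public function test33(ApiTester $I)
 {
 $I->wantTo('check response when making a PUT request for logging in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendPUT('/auth/login');
 $I->seeResponseCodeIs(405);
 }
@@ -40,10 +34,7 @@ public function test34(ApiTester $I)
 {
 $I->wantTo('check response when making a DELETE request for logging in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendDELETE('/auth/login');
 $I->seeResponseCodeIs(405);
 }
@@ -52,10 +43,7 @@ public function test35(ApiTester $I)
 {
 $I->wantTo('check response when making a OPTIONS request for logging in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendOPTIONS('/auth/login');
 $I->seeResponseCodeIs(405);
 }
@@ -64,20 +52,14 @@ public function test4(ApiTester $I)
 {
 $I->wantTo('check response for making a GET request for logging out when already logged in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user2', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user2', parent::getCookieConfig());
 $I->haveHttpHeader('X-Codeception-CodeCoverage', '');
 $I->haveHttpHeader('HTTP_X_CODECEPTION_CODECOVERAGE', '');
 $I->sendGET('/user/me');
 $I->seeResponseCodeIs(200);
 $I->sendGET('/auth/logout');
 $I->seeResponseCodeIs(302);
-$I->setCookie('access_token', 'user2', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user2', parent::getCookieConfig());
 $I->sendGET('/user/me');
 $I->seeResponseCodeIs(401);
 }
@@ -86,18 +68,12 @@ public function test5(ApiTester $I)
 {
 $I->wantTo('check response for making a GET request for logging out when already logged out');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user4', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user4', parent::getCookieConfig());
 $I->sendGET('/user/me');
 $I->seeResponseCodeIs(401);
 $I->sendGET('/auth/logout');
 $I->seeResponseCodeIs(302);
-$I->setCookie('access_token', 'user4', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user4', parent::getCookieConfig());
 $I->sendGET('/user/me');
 $I->seeResponseCodeIs(401);
 }
@@ -106,10 +82,7 @@ public function test6(ApiTester $I)
 {
 $I->wantTo('check response for making a POST request for logging out when already logged in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user2', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user2', parent::getCookieConfig());
 $I->sendPOST('/auth/logout');
 $I->seeResponseCodeIs(405);
 }
@@ -118,10 +91,7 @@ public function test7(ApiTester $I)
 {
 $I->wantTo('check response for making a PUT request for logging out when already logged in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user2', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user2', parent::getCookieConfig());
 $I->sendPUT('/auth/logout');
 $I->seeResponseCodeIs(405);
 }
@@ -130,10 +100,7 @@ public function test8(ApiTester $I)
 {
 $I->wantTo('check response for making a OPTIONS request for logging out when already logged in');
 $I->stopFollowingRedirects();
-$I->setCookie('access_token', 'user2', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user2', parent::getCookieConfig());
 $I->sendOPTIONS('/auth/logout');
 $I->seeResponseCodeIs(200);
 }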
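Review bot: Every replaced call reaches the helper as `parent::getCookieConfig()`, which reads like a static call and pins the lookup to the parent class, so an override added later in a Cest would be bypassed without notice; `$I->setCookie('access_token', 'user1', $this->getCookieConfig());` is the idiomatic instance call. The same applies to the six replaced calls in ConfigCest.php. In test4 the second `setCookie` after `/auth/logout` is what shows the token is rejected server-side once logged out, and a one-line comment such as `// re-send the same token: it must no longer be accepted after logout` would keep that intent from being lost in a later cleanup.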
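--- a/application/tests/api/BaseCest.php
+++ b/application/tests/api/BaseCest.php
@@ -22,4 +22,13 @@ public function _after(ApiTester $I)
 {
 $this->fixtureHelper->_afterSuite();
 }
+
+public function getCookieConfig()
+{
+return
+[
+'expire' => time() + 3600, // Cookie expires in 1 hour
+'httpOnly' => true, // Cookie is not accessible via JavaScript
+];
+}
 }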
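Review bot: `getCookieConfig()` is declared `public` on the shared base Cest, and Codeception collects public Cest methods whose names do not start with `_` as tests, so this helper is likely to be run as an assertion-free test in every subclass; `protected function getCookieConfig(): array` avoids that and states the return type. It is also worth confirming the `'expire'` key against the module behind `ApiTester`: Codeception's stock `setCookie` reads `expires` (or `expiry`), in which case the one-hour lifetime is silently ignored. The `httpOnly` comment would be more accurate as `// stored as HttpOnly in the test client's cookie jar; does not check the server's Set-Cookie flags`, since these API tests never run script against the cookie. The class declaration is outside the hunk, so whether BaseCest is abstract cannot be seen here.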
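--- a/application/tests/api/ConfigCest.php
+++ b/application/tests/api/ConfigCest.php
@@ -19,10 +19,7 @@ public function test1(ApiTester $I)
 public function test12(ApiTester $I)
 {
 $I->wantTo('check response when making authenticated GET request to config');
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendGET('/config');
 $I->seeResponseCodeIs(200);
 $I->seeResponseIsJson();
@@ -42,10 +39,7 @@ public function test2(ApiTester $I)
 public function test22(ApiTester $I)
 {
 $I->wantTo('check response when making authenticated POST request to config');
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendPOST('/config');
 $I->seeResponseCodeIs(405);
 }
@@ -60,10 +54,7 @@ public function test3(ApiTester $I)
 public function test32(ApiTester $I)
 {
 $I->wantTo('check response when making authenticated PUT request to config');
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendPUT('/config');
 $I->seeResponseCodeIs(405);
 }
@@ -78,10 +69,7 @@ public function test4(ApiTester $I)
 public function test42(ApiTester $I)
 {
 $I->wantTo('check response when making authenticated DELETE request to config');
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendDELETE('/config');
 $I->seeResponseCodeIs(405);
 }
@@ -96,10 +84,7 @@ public function test5(ApiTester $I)
 public function test52(ApiTester $I)
 {
 $I->wantTo('check response when making authenticated PATCH request to config');
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendPATCH('/config');
 $I->seeResponseCodeIs(405);
 }
@@ -114,10 +99,7 @@ public function test6(ApiTester $I)
 public function test7(ApiTester $I)
 {
 $I->wantTo('check response when making authenticated OPTIONS request to config');
-$I->setCookie('access_token', 'user1', [
-'expire' => time() + 3600, // Cookie expires in 1 hour
-'httpOnly' => true // Cookie is not accessible via JavaScript
-]);
+$I->setCookie('access_token', 'user1', parent::getCookieConfig());
 $I->sendOPTIONS('/config');
 $I->seeResponseCodeIs(200);
 }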