enhanced token management by adding optional expiry refresh in token_get_record and updated session API documentation
Some checks failed
PHPUnit / test (push) Has been cancelled

This commit is contained in:
2026-06-24 10:23:19 +02:00
parent b02f264b23
commit 67858d34d9
4 changed files with 43 additions and 10 deletions

View File

@ -41,4 +41,25 @@ final class TokenTest extends QdbTestCase
$this->assertGreaterThanOrEqual(2, $n);
$this->assertNull(token_get_record($t1));
}
public function testTokenLookupRefreshesExpiry(): void
{
$token = bin2hex(random_bytes(32));
$f = $this->fixture();
token_add($token, 3600, [
'userID' => $f->adminUserId,
'role' => 'admin',
'entityID' => 'ent',
]);
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
$oldExpiry = time() + 60;
$pdo->prepare('UPDATE session SET expiresAt = :exp WHERE token = :t')
->execute([':exp' => $oldExpiry, ':t' => token_storage_key($token)]);
qdb_save($tmpDb, $lockFp);
$rec = token_get_record($token);
$this->assertNotNull($rec);
$this->assertGreaterThan($oldExpiry + 3000, $rec['exp']);
}
}