enhanced token management by adding optional expiry refresh in token_get_record and updated session API documentation
Some checks failed
PHPUnit / test (push) Has been cancelled
Some checks failed
PHPUnit / test (push) Has been cancelled
This commit is contained in:
@ -41,4 +41,25 @@ final class TokenTest extends QdbTestCase
|
||||
$this->assertGreaterThanOrEqual(2, $n);
|
||||
$this->assertNull(token_get_record($t1));
|
||||
}
|
||||
|
||||
public function testTokenLookupRefreshesExpiry(): void
|
||||
{
|
||||
$token = bin2hex(random_bytes(32));
|
||||
$f = $this->fixture();
|
||||
token_add($token, 3600, [
|
||||
'userID' => $f->adminUserId,
|
||||
'role' => 'admin',
|
||||
'entityID' => 'ent',
|
||||
]);
|
||||
|
||||
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
||||
$oldExpiry = time() + 60;
|
||||
$pdo->prepare('UPDATE session SET expiresAt = :exp WHERE token = :t')
|
||||
->execute([':exp' => $oldExpiry, ':t' => token_storage_key($token)]);
|
||||
qdb_save($tmpDb, $lockFp);
|
||||
|
||||
$rec = token_get_record($token);
|
||||
$this->assertNotNull($rec);
|
||||
$this->assertGreaterThan($oldExpiry + 3000, $rec['exp']);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user