From 68ed2d677d231f1362e6d4c5ceae8ce6353e5fbe Mon Sep 17 00:00:00 2001 From: Charles Sprayberry Date: Sat, 17 Feb 2024 11:19:16 -0500 Subject: [PATCH] Ensure session destruction handled by OpenSession middleware --- src/Web/Middleware/OpenSession.php | 4 ++- .../Middleware/OpenSessionMiddlewareTest.php | 28 +++++++++++++++---- .../Web/Stub/SessionDestroyingController.php | 24 ++++++++++++++++ 3 files changed, 50 insertions(+), 6 deletions(-) create mode 100644 test/Unit/Web/Stub/SessionDestroyingController.php diff --git a/src/Web/Middleware/OpenSession.php b/src/Web/Middleware/OpenSession.php index 2cafd20..b575437 100644 --- a/src/Web/Middleware/OpenSession.php +++ b/src/Web/Middleware/OpenSession.php @@ -24,7 +24,9 @@ public function handleRequest(Request $request, RequestHandler $requestHandler) $response = $requestHandler->handleRequest($request); - $session->commit(); + if ($session->isLocked()) { + $session->commit(); + } return $response; } diff --git a/test/Unit/Web/Middleware/OpenSessionMiddlewareTest.php b/test/Unit/Web/Middleware/OpenSessionMiddlewareTest.php index 05c45e2..50ed309 100644 --- a/test/Unit/Web/Middleware/OpenSessionMiddlewareTest.php +++ b/test/Unit/Web/Middleware/OpenSessionMiddlewareTest.php @@ -13,6 +13,7 @@ use Amp\Http\Server\Session\SessionStorage; use Amp\Sync\LocalKeyedMutex; use Labrador\Test\Unit\Web\Stub\ResponseControllerStub; +use Labrador\Test\Unit\Web\Stub\SessionDestroyingController; use Labrador\Web\Exception\SessionNotEnabled; use Labrador\Web\Middleware\OpenSession; use League\Uri\Http; @@ -44,7 +45,7 @@ public function testRequestDoesNotHaveSessionThrowsException() : void { $this->expectExceptionMessage('The ' . OpenSession::class . ' was added to a route but no session was found on the request.'); $this->subject->handleRequest( - new Request($this->client, 'GET', Http::createFromString('https://example.com')), + new Request($this->client, 'GET', Http::new('https://example.com')), $handler ); } @@ -57,7 +58,7 @@ public function testRequestDoesHaveSessionOpensItBeforeRequestHandler() : void { $this->sessionId = $generator->generate() ); - $request = new Request($this->client, 'GET', Http::createFromString('https://example.com')); + $request = new Request($this->client, 'GET', Http::new('https://example.com')); $request->setAttribute(Session::class, $this->session); $handler = $this->getMockBuilder(RequestHandler::class)->getMock(); @@ -79,7 +80,7 @@ public function testRequestDoesHaveSessionSavesToStorageIfControllerWritesData() $this->sessionId = $generator->generate() ); - $request = new Request($this->client, 'GET', Http::createFromString('https://example.com')); + $request = new Request($this->client, 'GET', Http::new('https://example.com')); $request->setAttribute(Session::class, $this->session); self::assertEmpty($this->storage->read($this->sessionId)); @@ -104,7 +105,7 @@ public function testRequestSessionIsUnlockedAfterControllerInvoked() : void { $this->sessionId = $generator->generate() ); - $request = new Request($this->client, 'GET', Http::createFromString('https://example.com')); + $request = new Request($this->client, 'GET', Http::new('https://example.com')); $request->setAttribute(Session::class, $this->session); $this->subject->handleRequest($request, new ResponseControllerStub(new Response())); @@ -112,4 +113,21 @@ public function testRequestSessionIsUnlockedAfterControllerInvoked() : void { self::assertFalse($this->session->isLocked()); } -} \ No newline at end of file + public function testHandleSessionBeingDestroyedDoesNotThrowError() : void { + $this->session = new Session( + new LocalKeyedMutex(), + $this->storage = new LocalSessionStorage(), + $generator = new Base64UrlSessionIdGenerator(), + $this->sessionId = $generator->generate() + ); + + $request = new Request($this->client, 'GET', Http::new('https://example.com')); + $request->setAttribute(Session::class, $this->session); + + $response = $this->subject->handleRequest($request, new SessionDestroyingController()); + + self::assertFalse($this->session->isLocked()); + self::assertSame('Session destroyed', $response->getBody()->read()); + } + +} diff --git a/test/Unit/Web/Stub/SessionDestroyingController.php b/test/Unit/Web/Stub/SessionDestroyingController.php new file mode 100644 index 0000000..2bdecb6 --- /dev/null +++ b/test/Unit/Web/Stub/SessionDestroyingController.php @@ -0,0 +1,24 @@ +getAttribute(Session::class); + + Assert::assertInstanceOf(Session::class, $session); + + $session->destroy(); + + return new Response(body: 'Session destroyed'); + } + +}