Process token retrieve through Slim controller

This commit is contained in:
ArthurHoaro 2020-06-21 12:21:31 +02:00
parent 1b8620b1ad
commit 764d34a7d3
5 changed files with 71 additions and 4 deletions

View file

@ -0,0 +1,26 @@
<?php
declare(strict_types=1);
namespace Shaarli\Front\Controller\Admin;
use Slim\Http\Request;
use Slim\Http\Response;
/**
* Class TokenController
*
* Endpoint used to retrieve a XSRF token. Useful for AJAX requests.
*/
class TokenController extends ShaarliAdminController
{
/**
* GET /admin/token
*/
public function getToken(Request $request, Response $response): Response
{
$response = $response->withHeader('Content-Type', 'text/plain');
return $response->write($this->container->sessionManager->generateToken());
}
}

View file

@ -33,7 +33,7 @@ function updateThumb(basePath, ids, i, elements) {
elements.thumbnail.innerHTML = `<img src="${response.thumbnail}">`;
}
if (i < ids.length) {
updateThumb(ids, i, elements);
updateThumb(basePath, ids, i, elements);
}
}
};

View file

@ -27,7 +27,7 @@ function findParent(element, tagName, attributes) {
*/
function refreshToken(basePath) {
const xhr = new XMLHttpRequest();
xhr.open('GET', `${basePath}/?do=token`);
xhr.open('GET', `${basePath}/admin/token`);
xhr.onload = () => {
const token = document.getElementById('token');
token.setAttribute('value', xhr.responseText);

View file

@ -597,8 +597,7 @@ function renderPage($conf, $pluginManager, $bookmarkService, $history, $sessionM
// Get a fresh token
if ($targetPage == Router::$GET_TOKEN) {
header('Content-Type:text/plain');
echo $sessionManager->generateToken();
header('Location: ./admin/token');
exit;
}
@ -978,6 +977,7 @@ $app->group('', function () {
$this->post('/admin/import', '\Shaarli\Front\Controller\Admin\ImportController:import');
$this->get('/admin/plugins', '\Shaarli\Front\Controller\Admin\PluginsController:index');
$this->post('/admin/plugins', '\Shaarli\Front\Controller\Admin\PluginsController:save');
$this->get('/admin/token', '\Shaarli\Front\Controller\Admin\TokenController:getToken');
$this->get('/links-per-page', '\Shaarli\Front\Controller\Admin\SessionFilterController:linksPerPage');
$this->get('/visibility/{visibility}', '\Shaarli\Front\Controller\Admin\SessionFilterController:visibility');

View file

@ -0,0 +1,41 @@
<?php
declare(strict_types=1);
namespace Shaarli\Front\Controller\Admin;
use PHPUnit\Framework\TestCase;
use Slim\Http\Request;
use Slim\Http\Response;
class TokenControllerTest extends TestCase
{
use FrontAdminControllerMockHelper;
/** @var TokenController */
protected $controller;
public function setUp(): void
{
$this->createContainer();
$this->controller = new TokenController($this->container);
}
public function testGetToken(): void
{
$request = $this->createMock(Request::class);
$response = new Response();
$this->container->sessionManager
->expects(static::once())
->method('generateToken')
->willReturn($token = 'token1234')
;
$result = $this->controller->getToken($request, $response);
static::assertSame(200, $result->getStatusCode());
static::assertSame($token, (string) $result->getBody());
}
}