mirror of
https://github.com/pterodactyl/panel.git
synced 2024-11-26 02:52:30 +01:00
Add test, fix behavior of model creation
This commit is contained in:
parent
550c622d3b
commit
8bbe6bc279
@ -68,15 +68,15 @@ class AuthenticateKey
|
||||
// This is a request coming through using cookies, we have an authenticated user not using
|
||||
// an API key. Make some fake API key models and continue on through the process.
|
||||
if (empty($raw) && $request->user() instanceof User) {
|
||||
$model = new ApiKey([
|
||||
$model = (new ApiKey())->forceFill([
|
||||
'user_id' => $request->user()->id,
|
||||
'key_type' => ApiKey::TYPE_ACCOUNT,
|
||||
]);
|
||||
} else {
|
||||
$model = $this->authenticateApiKey($raw, $keyType);
|
||||
$this->auth->guard()->loginUsingId($model->user_id);
|
||||
}
|
||||
|
||||
$this->auth->guard()->loginUsingId($model->user_id);
|
||||
$request->attributes->set('api_key', $model);
|
||||
|
||||
return $next($request);
|
||||
|
@ -4,6 +4,7 @@ namespace Tests\Unit\Http\Middleware\API;
|
||||
|
||||
use Mockery as m;
|
||||
use Cake\Chronos\Chronos;
|
||||
use Pterodactyl\Models\User;
|
||||
use Pterodactyl\Models\ApiKey;
|
||||
use Illuminate\Auth\AuthManager;
|
||||
use Illuminate\Contracts\Encryption\Encrypter;
|
||||
@ -48,6 +49,7 @@ class AuthenticateKeyTest extends MiddlewareTestCase
|
||||
*/
|
||||
public function testMissingBearerTokenThrowsException()
|
||||
{
|
||||
$this->request->shouldReceive('user')->andReturnNull();
|
||||
$this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturnNull();
|
||||
|
||||
try {
|
||||
@ -117,6 +119,25 @@ class AuthenticateKeyTest extends MiddlewareTestCase
|
||||
$this->assertEquals($model, $this->request->attributes->get('api_key'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that we can still make it though this middleware if the user is logged in and passing
|
||||
* through a cookie.
|
||||
*/
|
||||
public function testAccessWithoutToken()
|
||||
{
|
||||
$user = factory(User::class)->make(['id' => 123]);
|
||||
|
||||
$this->request->shouldReceive('user')->andReturn($user);
|
||||
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturnNull();
|
||||
|
||||
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions(), ApiKey::TYPE_ACCOUNT);
|
||||
$model = $this->request->attributes->get('api_key');
|
||||
|
||||
$this->assertSame(ApiKey::TYPE_ACCOUNT, $model->key_type);
|
||||
$this->assertSame(123, $model->user_id);
|
||||
$this->assertNull($model->identifier);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a valid token identifier with an invalid token attached to it
|
||||
* triggers an exception.
|
||||
|
Loading…
Reference in New Issue
Block a user