
Remove console restrictions

eldadfux 2019-09-15 19:50:57 +03:00
parent a5c3e978e8
commit c559379f8e
4 changed files with 52 additions and 10 deletions


@ -65,9 +65,9 @@ $utopia->post('/v1/auth/register')
if (!empty($profile)) {
if ($failure) {
//$response->redirect($failure);
$response->redirect($failure . '?message=User already registered');
//return;
return;
}
throw new Exception('User already registered', 400);
@ -331,9 +331,9 @@ $utopia->post('/v1/auth/login')
;
if ($failure) {
//$response->redirect($failure);
$response->redirect($failure);
//return;
return;
}
throw new Exception('Invalid credentials', 401); // Wrong password or username
@ -390,7 +390,7 @@ $utopia->delete('/v1/auth/logout')
->label('scope', 'account')
->label('sdk.namespace', 'auth')
->label('sdk.method', 'logout')
->label('sdk.description', 'Use this endpoint to log out the currently logged in user from his account. When succeed this endpoint will delete the user session and remove the session secret cookie.')
->label('sdk.description', 'Use this endpoint to log out the currently logged in user from his account. When succeed this endpoint will delete the user session and remove the session secret cookie from the user client.')
->label('abuse-limit', 100)
->action(
function () use ($response, $request, $user, $projectDB, $audit, $webhook) {
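Review bot: In the register hunk the redirect target is built as `$failure . '?message=User already registered'`, which gives a malformed URL when `$failure` already carries a query string or fragment and leaves the spaces unencoded. Something like `$failure . (strpos($failure, '?') === false ? '?' : '&') . http_build_query(['message' => 'User already registered'])` keeps the target well-formed. This redirect and the one in the login hunk now send the browser to what appears to be a request-supplied `$failure` value; its validation is outside these hunks, so confirm that it is restricted to trusted hosts. The enclosing actions start and end outside the hunks.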


@ -32,10 +32,7 @@ services:
- _APP_INFLUXDB_PORT=8086
- _APP_STATSD_HOST=telegraf
- _APP_STATSD_PORT=8125
#- _APP_CONSOLE_WHITELIST_EMAILS=user1@example.com,user2@example.com
#- _APP_CONSOLE_WHITELIST_IPS=192.1.1.100,192.1.1.101
#- _APP_CONSOLE_WHITELIST_DOMAINS=appwrite.io,example.com
mariadb:
image: appwrite/mariadb:1.0.0 # fix issues when upgrading using: mysql_upgrade -u root -p
restart: unless-stopped


@ -224,12 +224,29 @@ class Client
curl_close($ch);
$responseHeaders['status-code'] = $responseStatus;
return [
'headers' => $responseHeaders,
'body' => $responseBody
];
}
/**
* Parse Cookie String
*
* @param string $cookie
* @return array
*/
public function parseCookie($cookie)
{
$cookies = [];
parse_str(strtr($cookie, array('&' => '%26', '+' => '%2B', ';' => '&')), $cookies);
return $cookies;
}
/**
* Flatten params array to PHP multiple format
*
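Review bot: parseCookie() relies on `parse_str()`, which applies query-string rules to the input: dots and spaces in a cookie name become underscores, `[` starts an array, and values are URL-decoded. The test in this commit feeds it a Set-Cookie header, so any attributes on that header (path, expires and the like) would come back as sibling keys next to the cookie itself. I would say so in the docblock, e.g. `* Note: names are normalised by parse_str(); Set-Cookie attributes are returned as ordinary keys.`, and add `string`/`array` type declarations if the file's PHP baseline allows. The class body starts and ends outside the hunk.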


@ -70,9 +70,37 @@ class ConsoleTest extends TestCase
'failure' => 'http://localhost/failure',
]);
var_dump();
$session = $this->client->parseCookie($response['headers']['set-cookie'])['a-session-console'];
var_dump($response['headers']);
$this->assertEquals('http://localhost/success', $response['headers']['location']);
$this->assertEquals("\n", $response['body']);
return ['session' => $session];
}
/**
* @depends testLoginSuccess
*/
public function testLogoutSuccess($data)
{
$response = $this->client->call(Client::METHOD_DELETE, '/auth/logout', [
'origin' => 'http://localhost',
'content-type' => 'application/json',
'cookie' => 'a-session-console=' . $data['session'],
], []);
var_dump($response);
$this->assertEquals('http://localhost/success', $response['headers']['location']);
$this->assertEquals("\n", $response['body']);
}
// public function testLogoutFailure()
// {
// $response = $this->client->call(Client::METHOD_DELETE, '/auth/logout', [
// 'origin' => 'http://localhost',
// 'content-type' => 'application/json',
// ], []);
// $this->assertEquals('401', $response['body']['code']);
// }
}
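Review bot: The debug output left in the tests, `var_dump($response['headers']);` in the login test and `var_dump($response);` in testLogoutSuccess, writes the response headers, including the Set-Cookie session value, into the test log and should be dropped. If the bare `var_dump();` above them is on the new side of this section it has to go as well: with no argument it raises a warning on PHP 7 and an ArgumentCountError on PHP 8. testLogoutSuccess also checks only the redirect and the body. Asserting that the response clears `a-session-console`, or that a second call with the old cookie is rejected, would cover what the endpoint promises, and the commented-out testLogoutFailure could be restored for the unauthenticated case.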