From 65c8ce3963668aa18093778e29fdcaebc27b4814 Mon Sep 17 00:00:00 2001
From: ADmad <admad.coder@gmail.com>
Date: Fri, 29 May 2015 18:36:56 +0530
Subject: [PATCH] Improve code to avoid accessing session

---
 src/Auth/Storage/SessionStorage.php               | 15 +++++++++------
 .../Controller/Component/AuthComponentTest.php    |  2 +-
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/Auth/Storage/SessionStorage.php b/src/Auth/Storage/SessionStorage.php
index ad8571e2442..87d4e5fd779 100644
--- a/src/Auth/Storage/SessionStorage.php
+++ b/src/Auth/Storage/SessionStorage.php
@@ -28,7 +28,10 @@ class SessionStorage implements StorageInterface
     /**
      * User record.
      *
-     * @var array
+     * Stores user record array if fetched from session or false if session
+     * does not have user record.
+     *
+     * @var array|bool
      */
     protected $_user;
 
@@ -40,7 +43,7 @@ class SessionStorage implements StorageInterface
     protected $_session;
 
     /**
-     * Default configuration for this class
+     * Default configuration for this class.
      *
      * @var array
      */
@@ -67,11 +70,11 @@ public function __construct(Request $request, array $config = [])
      */
     public function get()
     {
-        if ($this->_user) {
-            return $this->_user;
+        if ($this->_user !== null) {
+            return $this->_user ?: null;
         }
 
-        $this->_user = $this->_session->read($this->_config['key']);
+        $this->_user = $this->_session->read($this->_config['key']) ?: false;
         return $this->_user;
     }
 
@@ -100,7 +103,7 @@ public function set(array $user)
      */
     public function remove()
     {
-        $this->_user = null;
+        $this->_user = false;
 
         $this->_session->delete($this->_config['key']);
         $this->_session->renew();
diff --git a/tests/TestCase/Controller/Component/AuthComponentTest.php b/tests/TestCase/Controller/Component/AuthComponentTest.php
index c13581905ce..5d1b270459b 100644
--- a/tests/TestCase/Controller/Component/AuthComponentTest.php
+++ b/tests/TestCase/Controller/Component/AuthComponentTest.php
@@ -183,7 +183,7 @@ public function testRedirectVarClearing()
         $this->Auth->startup($event);
         $this->assertEquals('/auth_test/add', $this->Auth->session->read('Auth.redirect'));
 
-        $this->Auth->session->write('Auth.User', ['username' => 'admad']);
+        $this->Auth->storage()->set(['username' => 'admad']);
         $this->Auth->startup($event, $this->Controller);
         $this->assertNull($this->Auth->session->read('Auth.redirect'));
     }