AutoLoginMiddleware #218

src/User/AutoLoginMiddleware.php

@@ -2,15 +2,76 @@
 
 namespace Yiisoft\Yii\Web\User;
 
+use Psr\Http\Server\RequestHandlerInterface;
+use Psr\Http\Message\ResponseFactoryInterface;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Yiisoft\Auth\IdentityInterface;
+use Yiisoft\Auth\IdentityRepositoryInterface;
+use Yiisoft\Yii\Web\User\User;
+
 /**
  * AutoLoginMiddleware automatically logs user in based on "remember me" cookie
  */
-class AutoLoginMiddleware
+class AutoLoginMiddleware implements MiddlewareInterface
 {
     private User $user;
+    private IdentityRepositoryInterface $identityRepository;
 
-    public function __construct(User $user)
-    {
+    public function __construct(
+        User $user,
+        IdentityRepositoryInterface $identityRepository
+    ) {
         $this->user = $user;
+        $this->identityRepository = $identityRepository;
+    }
+
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        $data = $this->getIdentityAndDurationFromCookie($request);
+        if ($this->user->login($data['identity'], $data['duration'])) {
+            try {
+                $response = $handler->handle($request);
+            } catch (\Throwable $e) {
+                throw $e;
+            }
+
+            return $response;
+        } else {
+            throw new \Exception("Error authentication");
+        }
+    }
+
+    /**
+     * Determines if an identity cookie has a valid format and contains a valid auth key.
+     * This method is used when [[enableAutoLogin]] is true.
+     * This method attempts to authenticate a user using the information in the identity cookie.
+     * @param ServerRequestInterface $request Request to handle
+     * @return array|null Returns an array of 'identity' and 'duration' if valid, otherwise null.
+     */
+    protected function getIdentityAndDurationFromCookie(ServerRequestInterface $request)
+    {
+        $cookies = $request->getCookieParams();
+        $value = $cookies['remember'] ?? null;
+
+        if ($value === null) {
+            return null;
+        }
+
+        $data = json_decode($value, true);
+        if (is_array($data) && count($data) == 3) {
+            list($id, $authKey, $duration) = $data;
+            $identity = $this->identityRepository->findIdentity($id);
+            if ($identity !== null) {
+                if (!$identity instanceof IdentityInterface) {
+                    throw new \Exception("findIdentity() must return an object implementing IdentityInterface.");
+                } else {
+                    return ['identity' => $identity, 'duration' => $duration];
+                }
+            }
+        }
+
+        return null;
     }
 }

tests/User/AutoLoginMiddlewareTest.php

@@ -0,0 +1,98 @@
+<?php
+
+
+namespace Yiisoft\Yii\Web\Tests\User;
+
+use Nyholm\Psr7\Response;
+use PHPUnit\Framework\TestCase;
+use PHPUnit_Framework_MockObject_MockObject;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Yiisoft\Auth\IdentityInterface;
+use Yiisoft\Auth\IdentityRepositoryInterface;
+use Yiisoft\Yii\Web\User\User;
+use Yiisoft\Yii\Web\User\AutoLoginMiddleware;
+
+class AutoLoginMiddlewareTest extends TestCase
+{
+    /**
+     * @var RequestHandlerInterface|PHPUnit_Framework_MockObject_MockObject
+     */
+    private $requestHandlerMock;
+
+    /**
+     * @var ServerRequestInterface|PHPUnit_Framework_MockObject_MockObject
+     */
+    private $requestMock;
+
+    /**
+     * @var AutoLoginMiddleware
+     */
+    private $autoLoginMiddlewareMock;
+
+    /**
+     * @var IdentityRepositoryInterface
+     */
+    private $identityRepositoryInterfaceMock;
+
+    /**
+     * @var IdentityInterface
+     */
+    private $identityInterfaceMock;
+    /**
+     * @var User
+     */
+    private $userMock;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+        $this->requestHandlerMock = $this->createMock(RequestHandlerInterface::class);
+        $this->userMock = $this->createMock(User::class);
+        $this->identityInterfaceMock = $this->createMock(IdentityInterface::class);
+        $this->identityRepositoryInterfaceMock = $this->createMock(IdentityRepositoryInterface::class);
+        $this->autoLoginMiddlewareMock = new AutoLoginMiddleware($this->userMock, $this->identityRepositoryInterfaceMock);
+        $this->requestMock = $this->createMock(ServerRequestInterface::class);
+
+        $this->requestMock
+            ->expects($this->any())
+            ->method('getCookieParams')
+            ->willReturn([
+                "remember" => json_encode([1, '123456', 60])
+            ]);
+
+        $this->identityRepositoryInterfaceMock
+            ->expects($this->any())
+            ->method('findIdentity')
+            ->willReturn($this->identityInterfaceMock);
+    }
+
+    public function testProcessOK(): void
+    {
+        $this->userMock
+            ->expects($this->once())
+            ->method('login')
+            ->willReturn(true);
+
+        $response = new Response();
+        $this->requestHandlerMock
+            ->expects($this->once())
+            ->method('handle')
+            ->willReturn($response);
+
+
+        $this->assertEquals($this->autoLoginMiddlewareMock->process($this->requestMock, $this->requestHandlerMock), $response);
+    }
+
+    public function testProcessErrorLogin(): void
+    {
+        $this->userMock
+            ->expects($this->once())
+            ->method('login')
+            ->willReturn(false);
+
+        $this->expectException(\Exception::class);
+        $this->autoLoginMiddlewareMock->process($this->requestMock, $this->requestHandlerMock);
+    }
+}