Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Token Retention [PR#12518] and Fixed Security Tests #13642

Merged
merged 2 commits into from
Dec 9, 2018
Merged

Security Token Retention [PR#12518] and Fixed Security Tests #13642

merged 2 commits into from
Dec 9, 2018

Conversation

CameronHall
Copy link
Contributor

Hello!

  • Type: cherry-picked existing PR
  • Link to PR: #12518

In raising this pull request, I confirm the following (please check boxes):

  • I have read and understood the Contributing Guidelines?
  • I have checked that another pull request for this purpose does not exist.
  • I wrote some tests for this PR.

Small description of change: Created a retainer for the current session token in order to not break checkToken functionality if getToken is called before. Also fixed the security tests segmentation faults.

Thanks

niden
niden requested changes Dec 8, 2018
View reviewed changes
phalcon/security.zep Outdated Show resolved Hide resolved
@CameronHall CameronHall force-pushed the feature/security-token-retention branch from b74e134 to 3647da2 Compare December 8, 2018 22:01
Gorka Guridi and others added 2 commits December 9, 2018 09:01
@CameronHall
Added retainer for current session token in order to be able to valid…
79d7e47 
…ate fields after regenerating the token. Added string casting to userToken.

Conflicts:
	CHANGELOG.md
	tests/unit/SecurityTest.php
@CameronHall
Fixed Security Tests segmentation fault
5f0faae 
Trying to append an element to an undefined variable (as demonstrated in the example below) will generate a segmentation fault.
```zep
_SESSION['key'] = 'value';
```
`$_SESSION` isn't available in the PHP CLI so we need to define it ourselves in `SecurityCest:_before`
@CameronHall CameronHall force-pushed the feature/security-token-retention branch from 3647da2 to 5f0faae Compare December 8, 2018 22:02
@CameronHall
Copy link
Contributor Author

All done @niden

@niden niden merged commit 1d30f0a into phalcon:4.0.x Dec 9, 2018
@niden
Copy link
Member

niden commented Dec 9, 2018

Thank you!

@niden niden added this to the 4.0.0 milestone Dec 9, 2018
@niden niden mentioned this pull request Dec 9, 2018
Closed
3 tasks
@CameronHall CameronHall mentioned this pull request Dec 9, 2018
Closed
@niden niden added the documentation Documentation required label Apr 9, 2019
@niden niden removed this from the 4.0.0 milestone Oct 13, 2019
@niden niden added 4.0 and removed documentation Documentation required labels Oct 13, 2019
@CameronHall CameronHall deleted the feature/security-token-retention branch October 24, 2019 11:38
@niden niden added bug A bug report status: low Low and removed Bug - Low labels Dec 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@niden niden niden approved these changes

Assignees
No one assigned
Labels
bug A bug report status: low Low
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@CameronHall @niden