public function SessionAuthenticationTest::testBasicAuthNoSession in Drupal 10
Same name and namespace in other branches
- 8 core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php \Drupal\Tests\system\Functional\Session\SessionAuthenticationTest::testBasicAuthNoSession()
- 9 core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php \Drupal\Tests\system\Functional\Session\SessionAuthenticationTest::testBasicAuthNoSession()
Tests that a session is not started automatically by basic authentication.
File
- core/
modules/ system/ tests/ src/ Functional/ Session/ SessionAuthenticationTest.php, line 120
Class
- SessionAuthenticationTest
- Tests if sessions are correctly handled when a user authenticates.
Namespace
Drupal\Tests\system\Functional\SessionCode
public function testBasicAuthNoSession() {
// A route that is authorized through basic_auth only, not cookie.
$no_cookie_url = Url::fromRoute('session_test.get_session_basic_auth');
// A route that is authorized with standard cookie authentication.
$cookie_url = 'user/login';
// If we authenticate with a third party authentication system then no
// session cookie should be set, the third party system is responsible for
// sustaining the session.
$this
->basicAuthGet($no_cookie_url, $this->user
->getAccountName(), $this->user->passRaw);
$this
->assertSession()
->statusCodeEquals(200);
$this
->assertEmpty($this
->getSessionCookies());
// Mink stores some information in the session that breaks the next check if
// not reset.
$this
->getSession()
->restart();
// On the other hand, authenticating using Cookie sets a cookie.
$this
->drupalGet($cookie_url);
$this
->assertEmpty($this
->getSessionCookies());
$edit = [
'name' => $this->user
->getAccountName(),
'pass' => $this->user->passRaw,
];
$this
->drupalGet($cookie_url);
$this
->submitForm($edit, 'Log in');
$this
->assertNotEmpty($this
->getSessionCookies());
}