public function UserAccountFormPasswordResetTest::testPasswordResetToken in Drupal 9
Tests the reset token used only from query string.
File
- core/
modules/ user/ tests/ src/ Kernel/ UserAccountFormPasswordResetTest.php, line 53
Class
- UserAccountFormPasswordResetTest
- Verifies that the password reset behaves as expected with form elements.
Namespace
Drupal\Tests\user\KernelCode
public function testPasswordResetToken() {
/** @var \Symfony\Component\HttpFoundation\Request $request */
$request = $this->container
->get('request_stack')
->getCurrentRequest();
// @todo: Replace with $request->getSession() as soon as the session is
// present in KernelTestBase.
// see: https://www.drupal.org/node/2484991
$session = new Session();
$request
->setSession($session);
$token = 'VALID_TOKEN';
$session
->set('pass_reset_1', $token);
// Set token in query string.
$request->query
->set('pass-reset-token', $token);
$form = $this
->buildAccountForm('default');
// User shouldn't see current password field.
$this
->assertFalse($form['account']['current_pass']['#access']);
$request->query
->set('pass-reset-token', NULL);
$request->attributes
->set('pass-reset-token', $token);
$form = $this
->buildAccountForm('default');
$this
->assertTrue($form['account']['current_pass']['#access']);
}