function SessionAuthenticationTest::testBasicAuthNoSession

Same name and namespace in other branches
  1. 9 core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php \Drupal\Tests\system\Functional\Session\SessionAuthenticationTest::testBasicAuthNoSession()
  2. 8.9.x core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php \Drupal\Tests\system\Functional\Session\SessionAuthenticationTest::testBasicAuthNoSession()
  3. 11.x core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php \Drupal\Tests\system\Functional\Session\SessionAuthenticationTest::testBasicAuthNoSession()

Tests that a session is not started automatically by basic authentication.

File

core/modules/system/tests/src/Functional/Session/SessionAuthenticationTest.php, line 122

Class

SessionAuthenticationTest
Tests if sessions are correctly handled when a user authenticates.

Namespace

Drupal\Tests\system\Functional\Session

Code

public function testBasicAuthNoSession() : void {
  // A route that is authorized through basic_auth only, not cookie.
  $no_cookie_url = Url::fromRoute('session_test.get_session_basic_auth');
  // A route that is authorized with standard cookie authentication.
  $cookie_url = 'user/login';
  // If we authenticate with a third party authentication system then no
  // session cookie should be set, the third party system is responsible for
  // sustaining the session.
  $this->basicAuthGet($no_cookie_url, $this->user
    ->getAccountName(), $this->user->passRaw);
  $this->assertSession()
    ->statusCodeEquals(200);
  $this->assertEmpty($this->getSessionCookies());
  // Mink stores some information in the session that breaks the next check if
  // not reset.
  $this->getSession()
    ->restart();
  // On the other hand, authenticating using Cookie sets a cookie.
  $this->drupalGet($cookie_url);
  $this->assertEmpty($this->getSessionCookies());
  $edit = [
    'name' => $this->user
      ->getAccountName(),
    'pass' => $this->user->passRaw,
  ];
  $this->drupalGet($cookie_url);
  $this->submitForm($edit, 'Log in');
  $this->assertNotEmpty($this->getSessionCookies());
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.