xaizek / rocketgit (License: AGPLv3+) (since 2018-12-09)
Light and fast Git hosting solution suitable to serve both as a hub or as a personal code storage with its tickets, pull requests, API and much more.
<root> / tests / token.php (07bae6039c990196594cdd0cd73298e28dcf45ab) (2,166B) (mode 100644) [raw]
<?php
error_reporting(E_ALL | E_STRICT);
ini_set("track_errors", "On");

$INC = dirname(__FILE__) . "/../inc";
require_once(dirname(__FILE__) . "/config.php");
require_once($INC . "/init.inc.php");
require_once($INC . "/util.inc.php");
require_once($INC . "/log.inc.php");
require_once($INC . "/token.inc.php");

rg_log_set_file("token.log");

$rg_no_db = TRUE;
require_once("common.php");

$a = array("ua" => "user-agent1", "sid" => "session1", 'debug' => 1);
$token = rg_token_get($db, $a, 'tag1');
if ($token === FALSE) {
	rg_log("Generating a token should not fail (" . rg_token_error() . ")!");
	exit(1);
}
rg_log("Correct token: $token");

$a['token'] = $token;
$r = rg_token_valid($db, $a, 'tag1', FALSE);
if ($r === FALSE) {
	rg_log("Validating a correct token must work (" . rg_token_error() . ")!");
	exit(1);
}


rg_log("Now, test pre-login sessions...");
$rg_token = FALSE; /* we must remove it from memory */
$a = array("ua" => "user-agent1", "sid" => "Xsession2", 'debug' => 1);
$token = rg_token_get($db, $a, 'tag2');
if ($token === FALSE) {
	rg_log("Generating a token should not fail (" . rg_token_error() . ")!");
	exit(1);
}
rg_log("Correct token: $token");
$a['token'] = $token;

$copy = $a;
$copy['token'] = "y" . substr($a['token'], 1);
$r = rg_token_valid($db, $copy, 'tag2', FALSE);
if ($r !== FALSE) {
	rg_log("An altered token must return error!");
	exit(1);
}

$r = rg_token_valid($db, $a, 'tag2', FALSE);
if ($r === FALSE) {
	rg_log("Validating a correct token must work (" . rg_token_error() . ")!");
	exit(1);
}


rg_log("Testing double posting...");
$rg_token = FALSE; /* we must remove it from memory */
$a = array("ua" => "user-agent3",
	"sid" => "session_double",
	'debug' => 1);
$token = rg_token_get($db, $a, 'tag3');
if ($token === FALSE) {
	rg_log("Generating a token should not fail (" . rg_token_error() . ")!");
	exit(1);
}
$a['token'] = $token;

$r = rg_token_valid($db, $a, 'tag3', FALSE);
if ($r === FALSE) {
	rg_log("Calling 'valid' first time must work!");
	exit(1);
}
$r = rg_token_valid($db, $a, 'tag3', FALSE);
if ($r !== FALSE) {
	rg_log("Calling 'valid' second time must NOT work!");
	exit(1);
}

rg_log("OK!");
?>
Hints

Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://code.reversed.top/user/xaizek/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@code.reversed.top/user/xaizek/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a pull request:
... clone the repository ...
... make some changes and some commits ...
git push origin master