diff --git a/src/Auth/Adapters/SessionAuthAdapter.php b/src/Auth/Adapters/SessionAuthAdapter.php
index c42d0987..c095ca52 100644
--- a/src/Auth/Adapters/SessionAuthAdapter.php
+++ b/src/Auth/Adapters/SessionAuthAdapter.php
@@ -40,6 +40,8 @@ class SessionAuthAdapter implements AuthenticatableInterface
 {
 use AuthTrait;
 
+ private const REMEMBER_TOKEN_LIFETIME = 2592000;
+
 /**
 * @throws AuthException
 */
@@ -201,7 +203,15 @@ private function setRememberToken(User $user): void
 [$this->keyFields[AuthKeys::REMEMBER_TOKEN] => $rememberToken]
 );
 
- cookie()->set($this->keyFields[AuthKeys::REMEMBER_TOKEN], $rememberToken);
+ cookie()->set(
+ $this->keyFields[AuthKeys::REMEMBER_TOKEN],
+ $rememberToken,
+ self::REMEMBER_TOKEN_LIFETIME,
+ '/',
+ '',
+ true,
+ true
+ );
 }
 
 /**
diff --git a/tests/Unit/Auth/Adapters/SessionAuthAdapterTest.php b/tests/Unit/Auth/Adapters/SessionAuthAdapterTest.php
index c9257c05..a3f2c401 100644
--- a/tests/Unit/Auth/Adapters/SessionAuthAdapterTest.php
+++ b/tests/Unit/Auth/Adapters/SessionAuthAdapterTest.php
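Review bot: `REMEMBER_TOKEN_LIFETIME = 2592000` carries no unit, so a reader has to work out that it is 30 days in seconds. Writing it as `private const REMEMBER_TOKEN_LIFETIME = 30 * 24 * 60 * 60; // 30 days, in seconds` keeps the value and documents it; the class body continues outside the hunk.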
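Review bot: The lifetime passed to `cookie()->set(...)` in `setRememberToken` limits only the browser's copy of the token; the context lines above appear to persist `$rememberToken` without an expiry, so a copied token would presumably stay valid server-side until signout or rotation. Consider storing an expiry beside the token and checking it where the cookie is redeemed, which is outside this hunk. None of the seven positional arguments sets SameSite, so confirm the cookie helper applies `Lax` or `Strict` itself, and confirm that its third parameter is a lifetime in seconds rather than an absolute timestamp. The two bare `true` values are easy to transpose; a trailing comment such as `// secure` and `// httpOnly` on those lines would make the intent reviewable, and the docblock should say that a hard-coded Secure flag means the cookie is not stored over plain HTTP.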
@@ -63,6 +63,34 @@ public function testWebSigninWithRemember(): void
 $this->assertTrue($this->sessionAuth->check());
 }
 
+ public function testWebSigninWithRememberSetsCookie(): void
+ {
+ $this->assertFalse(cookie()->has('remember_token'));
+
+ $this->sessionAuth->signin('admin@qt.com', 'qwerty', true);
+
+ $this->assertTrue(cookie()->has('remember_token'));
+ $this->assertNotEmpty(cookie()->get('remember_token'));
+ }
+
+ public function testWebSigninWithoutRememberDoesNotSetCookie(): void
+ {
+ $this->sessionAuth->signin('admin@qt.com', 'qwerty');
+
+ $this->assertFalse(cookie()->has('remember_token'));
+ }
+
+ public function testWebSignoutRemovesRememberCookie(): void
+ {
+ $this->sessionAuth->signin('admin@qt.com', 'qwerty', true);
+
+ $this->assertTrue(cookie()->has('remember_token'));
+
+ $this->sessionAuth->signout();
+
+ $this->assertFalse(cookie()->has('remember_token'));
+ }
+
 public function testWebSignout(): void
 {
 $this->assertFalse($this->sessionAuth->check());
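Review bot: The three new tests assert only that a `remember_token` cookie exists, so they would still pass if the Secure and HttpOnly flags or the lifetime introduced by this commit were dropped again. If the cookie test double exposes the options it was called with, assert them in `testWebSigninWithRememberSetsCookie`; asserting that the cookie value equals the token stored for the user would also tie the cookie to the persisted record. The literal `'remember_token'` duplicates the key the adapter reads from `$this->keyFields[AuthKeys::REMEMBER_TOKEN]`, so a changed key mapping would fail these tests for the wrong reason. The test class continues outside the hunk.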