sub init {
my ($self) = @_;
$self->{dbh} = DBI->connect(@{$self->{dbi_connect}}) or die $DBI::errstr;
- $self->{post_connect_cb}->($self) if $self->{post_connect_cb};
+ $self->{post_connect_cb}->($self) if $self->{post_connect_cb}; # uncoverable branch false
$self->{insert_sth} = $self->{dbh}->prepare($self->{insert_user}) or die $self->{dbh}->errstr;
$self->{select_sth} = $self->{dbh}->prepare($self->{select_user}) or die $self->{dbh}->errstr;
$self->{update_sth} = $self->{dbh}->prepare($self->{update_pass}) or die $self->{dbh}->errstr;
$self->{cache} = \%cache;
}
my $cachekey = sha256 "$username:$passphrase";
- return $self->{cache}{$cachekey} if exists $self->{cache}{$cachekey};
+ return $self->{cache}{$cachekey} if exists $self->{cache}{$cachekey}; # uncoverable branch true
my $user = $self->get_user($username);
return 0 unless $user;
my $ret = Authen::Passphrase->from_rfc2307($user->{passphrase})->match($passphrase);
sub make_reset_hmac {
my ($self, $username, @data) = @_;
- $self->{hmackey} //= random_bytes 512;
+ $self->{hmackey} //= random_bytes 512; # uncoverable condition false
my $user = $self->get_user($username);
my $message = join ' ', $username, $user->{passphrase}, @data;
hmac_sha1_base64 $message, $self->{hmackey};
sub mail_body {
my ($self, $username, $token) = @_;
my $hours = $self->{token_max_age} / 60 / 60;
- $hours .= $hours == 1 ? ' hour' : ' hours';
+ $hours .= $hours == 1 ? ' hour' : ' hours'; # uncoverable branch false
<<EOF;
Someone has requested a password reset for your account.
use strict;
use warnings;
-use Test::More tests => 59;
+use Test::More tests => 61;
BEGIN { $ENV{EMAIL_SENDER_TRANSPORT} = 'Test' }
BEGIN { use_ok('Plack::Middleware::Auth::Complex') };
is_http $cb->(POST '/'), 200, 'Anon', 'POST /';
is_http $cb->(GET '/register'), 200, 'Anon', 'GET /register';
set_auth 'user', 'password';
+ is_http $cb->(GET '/', Authorization => 'Hello'), 200, 'Anon', 'GET / with invalid Authorization';
is_http $cb->(GET '/', Authorization => $auth), 200, 'Anon', 'GET / with bad user/pass';
is_http $cb->(POST '/register'), 400, 'Missing parameter username', 'POST /register with no parameters';
is_http $cb->(POST '/register', [@register_args, username => '???'] ), 400, 'Username must match (?^a:^\w{2,20}$)', 'POST /register with bad username';