Woles-Framework/tests/SecurityTest.php

<?php

namespace Tests;

use App\Core\Security;

/**
 * Security test cases
 */
class SecurityTest extends TestCase
{
    private Security $security;

    protected function setUp(): void
    {
        parent::setUp();
        $this->security = new Security();
    }

    public function testCanGenerateCsrfToken(): void
    {
        $token = $this->security->generateCsrfToken();

        $this->assertIsString($token);
        $this->assertEquals(64, strlen($token)); // 32 bytes = 64 hex chars
    }

    public function testCanVerifyCsrfToken(): void
    {
        $token = $this->security->generateCsrfToken();

        $this->assertTrue($this->security->verifyCsrfToken($token));
        $this->assertFalse($this->security->verifyCsrfToken('invalid-token'));
    }

    public function testCanSanitizeString(): void
    {
        $input = '<script>alert("xss")</script>Hello World';
        $sanitized = $this->security->sanitizeString($input);

        $this->assertStringNotContainsString('<script>', $sanitized);
        $this->assertStringContainsString('Hello World', $sanitized);
    }

    public function testCanEncryptAndDecryptData(): void
    {
        $data = 'Sensitive information';

        $encrypted = $this->security->encrypt($data);
        $decrypted = $this->security->decrypt($encrypted);

        $this->assertNotEquals($data, $encrypted);
        $this->assertEquals($data, $decrypted);
    }

    public function testCanHashPassword(): void
    {
        $password = 'test-password';
        $hash = $this->security->hashPassword($password);

        $this->assertIsString($hash);
        $this->assertNotEquals($password, $hash);
        $this->assertTrue($this->security->verifyPassword($password, $hash));
    }

    public function testCanGenerateRandomString(): void
    {
        $random = $this->security->generateRandomString(16);

        $this->assertIsString($random);
        $this->assertEquals(32, strlen($random)); // 16 bytes = 32 hex chars
    }

    public function testPasswordVerificationWorks(): void
    {
        $password = 'test-password';
        $hash = $this->security->hashPassword($password);

        $this->assertTrue($this->security->verifyPassword($password, $hash));
        $this->assertFalse($this->security->verifyPassword('wrong-password', $hash));
    }
}
feat: Complete Woles Framework v1.0 with enterprise-grade UI - Add comprehensive error handling system with custom error pages - Implement professional enterprise-style design with Tailwind CSS - Create modular HMVC architecture with clean separation of concerns - Add security features: CSRF protection, XSS filtering, Argon2ID hashing - Include CLI tools for development workflow - Add error reporting dashboard with system monitoring - Implement responsive design with consistent slate color scheme - Replace all emoji icons with professional SVG icons - Add comprehensive test suite with PHPUnit - Include database migrations and seeders - Add proper exception handling with fallback pages - Implement template engine with custom syntax support - Add helper functions and facades for clean code - Include proper logging and debugging capabilities 2025-10-11 07:08:23 +07:00			`<?php`

			`namespace Tests;`

			`use App\Core\Security;`

			`/**`
			`* Security test cases`
			`*/`
			`class SecurityTest extends TestCase`
			`{`
			`private Security $security;`

			`protected function setUp(): void`
			`{`
			`parent::setUp();`
			`$this->security = new Security();`
			`}`

			`public function testCanGenerateCsrfToken(): void`
			`{`
			`$token = $this->security->generateCsrfToken();`

			`$this->assertIsString($token);`
			`$this->assertEquals(64, strlen($token)); // 32 bytes = 64 hex chars`
			`}`

			`public function testCanVerifyCsrfToken(): void`
			`{`
			`$token = $this->security->generateCsrfToken();`

			`$this->assertTrue($this->security->verifyCsrfToken($token));`
			`$this->assertFalse($this->security->verifyCsrfToken('invalid-token'));`
			`}`

			`public function testCanSanitizeString(): void`
			`{`
			`$input = '<script>alert("xss")</script>Hello World';`
			`$sanitized = $this->security->sanitizeString($input);`

			`$this->assertStringNotContainsString('<script>', $sanitized);`
			`$this->assertStringContainsString('Hello World', $sanitized);`
			`}`

			`public function testCanEncryptAndDecryptData(): void`
			`{`
			`$data = 'Sensitive information';`

			`$encrypted = $this->security->encrypt($data);`
			`$decrypted = $this->security->decrypt($encrypted);`

			`$this->assertNotEquals($data, $encrypted);`
			`$this->assertEquals($data, $decrypted);`
			`}`

			`public function testCanHashPassword(): void`
			`{`
			`$password = 'test-password';`
			`$hash = $this->security->hashPassword($password);`

			`$this->assertIsString($hash);`
			`$this->assertNotEquals($password, $hash);`
			`$this->assertTrue($this->security->verifyPassword($password, $hash));`
			`}`

			`public function testCanGenerateRandomString(): void`
			`{`
			`$random = $this->security->generateRandomString(16);`

			`$this->assertIsString($random);`
			`$this->assertEquals(32, strlen($random)); // 16 bytes = 32 hex chars`
			`}`

			`public function testPasswordVerificationWorks(): void`
			`{`
			`$password = 'test-password';`
			`$hash = $this->security->hashPassword($password);`

			`$this->assertTrue($this->security->verifyPassword($password, $hash));`
			`$this->assertFalse($this->security->verifyPassword('wrong-password', $hash));`
			`}`
			`}`