feat: Complete Woles Framework v1.0 with enterprise-grade UI
- Add comprehensive error handling system with custom error pages - Implement professional enterprise-style design with Tailwind CSS - Create modular HMVC architecture with clean separation of concerns - Add security features: CSRF protection, XSS filtering, Argon2ID hashing - Include CLI tools for development workflow - Add error reporting dashboard with system monitoring - Implement responsive design with consistent slate color scheme - Replace all emoji icons with professional SVG icons - Add comprehensive test suite with PHPUnit - Include database migrations and seeders - Add proper exception handling with fallback pages - Implement template engine with custom syntax support - Add helper functions and facades for clean code - Include proper logging and debugging capabilities
This commit is contained in:
mwpn
82
tests/SecurityTest.php
Normal file
82
tests/SecurityTest.php
Normal file
@@ -0,0 +1,82 @@
|
||||
<?php
|
||||
|
||||
namespace Tests;
|
||||
|
||||
use App\Core\Security;
|
||||
|
||||
/**
|
||||
* Security test cases
|
||||
*/
|
||||
class SecurityTest extends TestCase
|
||||
{
|
||||
private Security $security;
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
parent::setUp();
|
||||
$this->security = new Security();
|
||||
}
|
||||
|
||||
public function testCanGenerateCsrfToken(): void
|
||||
{
|
||||
$token = $this->security->generateCsrfToken();
|
||||
|
||||
$this->assertIsString($token);
|
||||
$this->assertEquals(64, strlen($token)); // 32 bytes = 64 hex chars
|
||||
}
|
||||
|
||||
public function testCanVerifyCsrfToken(): void
|
||||
{
|
||||
$token = $this->security->generateCsrfToken();
|
||||
|
||||
$this->assertTrue($this->security->verifyCsrfToken($token));
|
||||
$this->assertFalse($this->security->verifyCsrfToken('invalid-token'));
|
||||
}
|
||||
|
||||
public function testCanSanitizeString(): void
|
||||
{
|
||||
$input = '<script>alert("xss")</script>Hello World';
|
||||
$sanitized = $this->security->sanitizeString($input);
|
||||
|
||||
$this->assertStringNotContainsString('<script>', $sanitized);
|
||||
$this->assertStringContainsString('Hello World', $sanitized);
|
||||
}
|
||||
|
||||
public function testCanEncryptAndDecryptData(): void
|
||||
{
|
||||
$data = 'Sensitive information';
|
||||
|
||||
$encrypted = $this->security->encrypt($data);
|
||||
$decrypted = $this->security->decrypt($encrypted);
|
||||
|
||||
$this->assertNotEquals($data, $encrypted);
|
||||
$this->assertEquals($data, $decrypted);
|
||||
}
|
||||
|
||||
public function testCanHashPassword(): void
|
||||
{
|
||||
$password = 'test-password';
|
||||
$hash = $this->security->hashPassword($password);
|
||||
|
||||
$this->assertIsString($hash);
|
||||
$this->assertNotEquals($password, $hash);
|
||||
$this->assertTrue($this->security->verifyPassword($password, $hash));
|
||||
}
|
||||
|
||||
public function testCanGenerateRandomString(): void
|
||||
{
|
||||
$random = $this->security->generateRandomString(16);
|
||||
|
||||
$this->assertIsString($random);
|
||||
$this->assertEquals(32, strlen($random)); // 16 bytes = 32 hex chars
|
||||
}
|
||||
|
||||
public function testPasswordVerificationWorks(): void
|
||||
{
|
||||
$password = 'test-password';
|
||||
$hash = $this->security->hashPassword($password);
|
||||
|
||||
$this->assertTrue($this->security->verifyPassword($password, $hash));
|
||||
$this->assertFalse($this->security->verifyPassword('wrong-password', $hash));
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user