From 4ac3c0738b174c9e4e57349d9cfbc9ef3b429c6e Mon Sep 17 00:00:00 2001
From: REJack
Date: Wed, 12 Dec 2018 11:12:33 +0100
Subject: [PATCH] updated Libraries/Aauth & LoginTest
---
 application/Libraries/Aauth.php | 7 ++++---
 tests/Aauth/Libraries/Aauth/LoginTest.php | 24 +++++++++++++++++++++++
 2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/application/Libraries/Aauth.php b/application/Libraries/Aauth.php
index 9b3342c..9d955d7 100644
--- a/application/Libraries/Aauth.php
+++ b/application/Libraries/Aauth.php
@@ -839,6 +839,7 @@ class Aauth
 public function isLoggedIn()
 {
 helper('cookie');
+
 if (isset($this->session->get('user')['loggedIn']))
 {
 return true;
@@ -869,7 +870,7 @@ class Aauth
 }
 else
 {
- $loginTokenModel->delete($cookie[0]);
+ $loginTokenModel->deleteExpired($cookie[0]);
 delete_cookie('remember');
 }
 }
@@ -936,7 +937,7 @@ class Aauth
 {
 if ($includeNonFlash)
 {
- $flashErrorsOld = $this->session->getFlashdata('errors');
+ $flashErrorsOld = $this->session->getFlashdata('errors');
 $this->flashErrors = array_merge((is_array($flashErrorsOld) ? $flashErrorsOld : []), $this->errors);
 $this->session->setFlashdata('errors', $this->flashErrors);
 }
@@ -1050,7 +1051,7 @@ class Aauth
 {
 if ($includeNonFlash)
 {
- $flashInfosOld = $this->session->getFlashdata('infos');
+ $flashInfosOld = $this->session->getFlashdata('infos');
 $this->flashInfos = array_merge((is_array($flashInfosOld) ? $flashInfosOld : []), $this->infos);
 $this->session->setFlashdata('infos', $this->flashInfos);
 }
diff --git a/tests/Aauth/Libraries/Aauth/LoginTest.php b/tests/Aauth/Libraries/Aauth/LoginTest.php
index f273b1e..2e05dc2 100644
--- a/tests/Aauth/Libraries/Aauth/LoginTest.php
+++ b/tests/Aauth/Libraries/Aauth/LoginTest.php
@@ -134,6 +134,7 @@ class LoginTest extends CIDatabaseTestCase $session->set('user', [ 'loggedIn' => true, ]); + $this->assertTrue($this->library->isLoggedIn()); helper('text'); $config = new AauthConfig();
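Review bot: In the `@@ -869,7 +870,7 @@` hunk of application/Libraries/Aauth.php, the `else` branch passes `$cookie[0]` to `deleteExpired()`, and the tests in this commit build that field from the client-supplied `remember` cookie (`base64_encode(1)`), so the cleanup is keyed on a value the client controls. The condition that guards this branch lies outside the hunk; it should be confirmed that the branch is only reached after the presented token has matched a stored hash, and that `$cookie[0]` has been validated as numeric by then. A short comment would also record why `delete()` was narrowed, e.g. `// expired token: drop only this user's expired login tokens, keep still-valid ones`, with the wording adjusted to what `deleteExpired()` actually does, since its body is not shown here.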
@@ -149,6 +150,29 @@ class LoginTest extends CIDatabaseTestCase
 'expires_at' => date('Y-m-d H:i:s', strtotime('+1 week')),
 ]);
 $this->assertTrue($this->library->isLoggedIn());
+
+ $session->remove('user');
+ $_COOKIE['remember'] = base64_encode(a) . ';' . $selectorString . ';' . $randomString;
+ $this->assertFalse($this->library->isLoggedIn());
+ }
+
+ public function testIsLoggedInExpired()
+ {
+ helper('text');
+ $session = $this->getInstance();
+ $this->library = new Aauth(null, $session);
+ $config = new AauthConfig();
+ $randomString = random_string('alnum', 32);
+ $selectorString = random_string('alnum', 16);
+ $_COOKIE['remember'] = base64_encode(1) . ';' . $randomString . ';' . $selectorString;
+
+ $this->hasInDatabase($config->dbTableLoginTokens, [
+ 'user_id' => 1,
+ 'random_hash' => password_hash($randomString, PASSWORD_DEFAULT),
+ 'selector_hash' => password_hash($selectorString, PASSWORD_DEFAULT),
+ 'expires_at' => date('Y-m-d H:i:s', strtotime('-1 week')),
+ ]);
+ $this->assertFalse($this->library->isLoggedIn());
 }
 
 public function testLogout()
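Review bot: `base64_encode(a)` in the added negative case passes a bare constant rather than a string, which is a notice or warning on PHP 7 and an `Error` on PHP 8; if the intent is a non-numeric user id it should read `base64_encode('a')`. In `testIsLoggedInExpired` the cookie is assembled as `$randomString . ';' . $selectorString`, the reverse of the field order used in the case just above it. If the library matches the fields by position, `assertFalse` would pass because the token never matches rather than because it is expired, and the `deleteExpired()` path changed in this commit would go unexercised. Asserting the side effect as well, e.g. `$this->dontSeeInDatabase($config->dbTableLoginTokens, ['user_id' => 1]);`, would pin the expiry branch.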