});
Generate several types of tokens. Now includes CSRF.
+ For non-CSRF tokens an optional pattern parameter overrides length.
Room for future extension.
=cut
my ( $params ) = @_;
my $length = $params->{length} || 1;
$length = 1 unless $length > 0;
-
- return String::Random::random_string( '.' x $length );
+ my $pattern = $params->{pattern} // '.{'.$length.'}'; # pattern overrides length parameter
+ return String::Random::random_regex( $pattern );
}
=head1 AUTHOR
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
use Modern::Perl;
-use Test::More tests => 10;
+use Test::More tests => 11;
use Time::HiRes qw|usleep|;
use C4::Context;
use Koha::Token;
});
is( $result, '', "CSRF token is not verified if another session is used" );
};
+
+subtest 'Pattern parameter' => sub {
+ plan tests => 4;
+ my $id = $tokenizer->generate({ pattern => '\d\d', length => 8 });
+ is( length($id), 2, 'Pattern overrides length' );
+ ok( $id =~ /\d{2}/, 'Two digits found' );
+ $id = $tokenizer->generate({ pattern => '[A-Z]{10}' });
+ is( length($id), 10, 'Check length again' );
+ ok( $id !~ /[^A-Z]/, 'Only uppercase letters' );
+};