How to test Controller with csrf element in Form

Stavros_Fassbender · August 17, 2020, 12:57pm

I am writing unittests for my controllers that also handle form-submits.
everything is working fine so far. I am using the library laminas-test to dispatch the requests.

Now I added a csrf-element to my form but I don’t know how to get the csrf-token so that I am able to dispatch a request with a valid token to test this behaviour too.

Is there any way to do this with the component “laminas-test” or any other way?

samsonasik · August 24, 2020, 4:42pm

You should can simulate page opened first, grab the body, and use regex to get csrf value, for example:

        preg_match('/(?<=name="csrf" value=")(.{32})/', $body, $matches);
        $formData = [
            'csrf'       => $matches[0],
            // other fields here...
        ];

after it, use the $formData variable to make new request with post method.

Stavros_Fassbender · August 25, 2020, 6:11am

Thank you for your response.
Since phpunit is deleting all session-data after each test I ended up recreating the csrfToken with the same name before dispatching the requests so I always have the correct token and everything is working as expected.

Topic		Replies	Views
Testing Form with CSRF element Components & MVC laminas-mvc , laminas-test	2	555	April 9, 2021
UnitTest with laminas/laminas-test - Request is not an HTTP Request Components & MVC phpunit , laminas-test	7	567	November 16, 2022
How to Configure the Session Container for all CSRF Validators/Elements Components & MVC laminas-form , laminas-mvc , laminas-validator , laminas-session	6	519	May 9, 2022
Unit Testing File Upload Postprocessing Components & MVC phpunit , laminas-mvc , laminas-test	2	534	June 18, 2024
Configuration Override in Controller Tests Components & MVC laminas-test	2	1407	May 13, 2020

How to test Controller with csrf element in Form

Related topics