From eb6544973f5afab453d942f5845a82f335c6e0db Mon Sep 17 00:00:00 2001
From: Taylor Otwell <taylor@laravel.com>
Date: Sun, 11 Nov 2018 08:51:13 -0600
Subject: [PATCH] add test

---
 .../Session/Middleware/StartSession.php       | 34 +++++++----
 src/Illuminate/Session/SessionManager.php     |  8 +--
 .../Session/SessionPersistenceTest.php        | 60 +++++++++++++++++++
 3 files changed, 85 insertions(+), 17 deletions(-)
 create mode 100644 tests/Integration/Session/SessionPersistenceTest.php

diff --git a/src/Illuminate/Session/Middleware/StartSession.php b/src/Illuminate/Session/Middleware/StartSession.php
index 1594811552a7..ea8dc7f984e7 100644
--- a/src/Illuminate/Session/Middleware/StartSession.php
+++ b/src/Illuminate/Session/Middleware/StartSession.php
@@ -41,23 +41,31 @@ public function __construct(SessionManager $manager)
      */
     public function handle($request, Closure $next)
     {
-        if ($this->sessionConfigured()) {
-            $request->setLaravelSession(
-                $session = $this->startSession($request)
-            );
+        if (! $this->sessionConfigured()) {
+            return next($request);
+        }
 
-            $this->collectGarbage($session);
+        // If a session driver has been configured, we will need to start the session here
+        // so that the data is ready for an application. Note that the Laravel sessions
+        // do not make use of PHP "native" sessions in any way since they are crappy.
+        $request->setLaravelSession(
+            $session = $this->startSession($request)
+        );
 
-            $this->storeCurrentUrl($request, $session);
+        $this->collectGarbage($session);
 
-            $response = $next($request);
+        $this->storeCurrentUrl($request, $session);
 
-            $this->addCookieToResponse($response, $session);
+        $this->addCookieToResponse(
+            $response = $next($request), $session
+        );
 
-            $this->manager->driver()->save();
-        }
+        // Again, if the session has been configured we will need to close out the session
+        // so that the attributes may be persisted to some storage medium. We will also
+        // add the session identifier cookie to the application response headers now.
+        $this->manager->driver()->save();
 
-        return $response ?? $next($request);
+        return $response;
     }
 
     /**
@@ -168,7 +176,9 @@ protected function getCookieExpirationDate()
     {
         $config = $this->manager->getSessionConfig();
 
-        return $config['expire_on_close'] ? 0 : Date::instance(Carbon::now()->addRealMinutes($config['lifetime']));
+        return $config['expire_on_close'] ? 0 : Date::instance(
+            Carbon::now()->addRealMinutes($config['lifetime'])
+        );
     }
 
     /**
diff --git a/src/Illuminate/Session/SessionManager.php b/src/Illuminate/Session/SessionManager.php
index 2ab50830d2de..77364cd68623 100755
--- a/src/Illuminate/Session/SessionManager.php
+++ b/src/Illuminate/Session/SessionManager.php
@@ -162,11 +162,9 @@ protected function createCacheHandler($driver)
      */
     protected function buildSession($handler)
     {
-        if ($this->app['config']['session.encrypt']) {
-            return $this->buildEncryptedSession($handler);
-        }
-
-        return new Store($this->app['config']['session.cookie'], $handler);
+        return $this->app['config']['session.encrypt']
+                ? $this->buildEncryptedSession($handler)
+                : new Store($this->app['config']['session.cookie'], $handler);
     }
 
     /**
diff --git a/tests/Integration/Session/SessionPersistenceTest.php b/tests/Integration/Session/SessionPersistenceTest.php
new file mode 100644
index 000000000000..d4f6e30131af
--- /dev/null
+++ b/tests/Integration/Session/SessionPersistenceTest.php
@@ -0,0 +1,60 @@
+<?php
+
+namespace Illuminate\Tests\Integration\Session;
+
+use Mockery;
+use Illuminate\Http\Response;
+use Orchestra\Testbench\TestCase;
+use Illuminate\Support\Facades\Route;
+use Illuminate\Support\Facades\Session;
+use Illuminate\Session\NullSessionHandler;
+use Illuminate\Session\TokenMismatchException;
+use Illuminate\Contracts\Debug\ExceptionHandler;
+
+/**
+ * @group integration
+ */
+class SessionPersistenceTest extends TestCase
+{
+    public function test_session_is_persisted_even_if_exception_is_thrown_from_route()
+    {
+        $handler = new FakeNullSessionHandler;
+        $this->assertFalse($handler->written);
+
+        Session::extend('fake-null', function () use ($handler) {
+            return $handler;
+        });
+
+        Route::get('/', function () {
+            throw new TokenMismatchException;
+        })->middleware('web');
+
+        $response = $this->get('/');
+        $this->assertTrue($handler->written);
+    }
+
+    protected function getEnvironmentSetUp($app)
+    {
+        $app->instance(
+            ExceptionHandler::class,
+            $handler = Mockery::mock(ExceptionHandler::class)->shouldIgnoreMissing()
+        );
+
+        $handler->shouldReceive('render')->andReturn(new Response);
+
+        $app['config']->set('app.key', str_random(32));
+        $app['config']->set('session.driver', 'fake-null');
+        $app['config']->set('session.expire_on_close', true);
+    }
+}
+
+class FakeNullSessionHandler extends NullSessionHandler
+{
+    public $written = false;
+
+    public function write($sessionId, $data)
+    {
+        $this->written = true;
+        return true;
+    }
+}