MCPcopy Index your code
hub / github.com/coder/coder / TestUserLogout

Function TestUserLogout

coderd/userauth_test.go:2490–2595  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

2488}
2489
2490func TestUserLogout(t *testing.T) {
2491 t.Parallel()
2492
2493 // Create a custom database so it's easier to make scoped tokens for
2494 // testing.
2495 db, pubSub := dbtestutil.NewDB(t)
2496 dv := coderdtest.DeploymentValues(t)
2497 dv.HTTPCookies.EnableHostPrefix = true
2498
2499 client := coderdtest.New(t, &coderdtest.Options{
2500 DeploymentValues: dv,
2501 Database: db,
2502 Pubsub: pubSub,
2503 })
2504 firstUser := coderdtest.CreateFirstUser(t, client)
2505
2506 ctx := testutil.Context(t, testutil.WaitLong)
2507
2508 // Create a user with built-in auth.
2509 const (
2510 email = "dean.was.here@test.coder.com"
2511 username = "dean"
2512 //nolint:gosec
2513 password = "SomeSecurePassword123!"
2514 )
2515 newUser, err := client.CreateUserWithOrgs(ctx, codersdk.CreateUserRequestWithOrgs{
2516 Email: email,
2517 Username: username,
2518 Password: password,
2519 OrganizationIDs: []uuid.UUID{firstUser.OrganizationID},
2520 })
2521 require.NoError(t, err)
2522
2523 // Log in with basic auth and keep the the session token (but don't use it).
2524 userClient := codersdk.New(client.URL)
2525 loginRes1, err := userClient.LoginWithPassword(ctx, codersdk.LoginWithPasswordRequest{
2526 Email: email,
2527 Password: password,
2528 })
2529 require.NoError(t, err)
2530
2531 // Log in again but actually set the token this time.
2532 loginRes2, err := userClient.LoginWithPassword(ctx, codersdk.LoginWithPasswordRequest{
2533 Email: email,
2534 Password: password,
2535 })
2536 require.NoError(t, err)
2537 userClient.SetSessionToken(loginRes2.SessionToken)
2538
2539 // Add the user's second session token to the list of API keys that should
2540 // be deleted.
2541 shouldBeDeleted := map[string]string{
2542 "user login 2 (logging out with this)": loginRes2.SessionToken,
2543 }
2544
2545 // Add the user's first token, and the admin's session token to the list of
2546 // API keys that should not be deleted.
2547 shouldNotBeDeleted := map[string]string{

Callers

nothing calls this directly

Calls 15

StatusCodeMethod · 0.95
NewDBFunction · 0.92
DeploymentValuesFunction · 0.92
NewFunction · 0.92
CreateFirstUserFunction · 0.92
ContextFunction · 0.92
NewFunction · 0.92
APIKeyFunction · 0.92
CreateUserWithOrgsMethod · 0.80
LoginWithPasswordMethod · 0.80
SetSessionTokenMethod · 0.80
UserMethod · 0.65

Tested by

no test coverage detected