(t *testing.T)
| 2488 | } |
| 2489 | |
| 2490 | func TestUserLogout(t *testing.T) { |
| 2491 | t.Parallel() |
| 2492 | |
| 2493 | // Create a custom database so it's easier to make scoped tokens for |
| 2494 | // testing. |
| 2495 | db, pubSub := dbtestutil.NewDB(t) |
| 2496 | dv := coderdtest.DeploymentValues(t) |
| 2497 | dv.HTTPCookies.EnableHostPrefix = true |
| 2498 | |
| 2499 | client := coderdtest.New(t, &coderdtest.Options{ |
| 2500 | DeploymentValues: dv, |
| 2501 | Database: db, |
| 2502 | Pubsub: pubSub, |
| 2503 | }) |
| 2504 | firstUser := coderdtest.CreateFirstUser(t, client) |
| 2505 | |
| 2506 | ctx := testutil.Context(t, testutil.WaitLong) |
| 2507 | |
| 2508 | // Create a user with built-in auth. |
| 2509 | const ( |
| 2510 | email = "dean.was.here@test.coder.com" |
| 2511 | username = "dean" |
| 2512 | //nolint:gosec |
| 2513 | password = "SomeSecurePassword123!" |
| 2514 | ) |
| 2515 | newUser, err := client.CreateUserWithOrgs(ctx, codersdk.CreateUserRequestWithOrgs{ |
| 2516 | Email: email, |
| 2517 | Username: username, |
| 2518 | Password: password, |
| 2519 | OrganizationIDs: []uuid.UUID{firstUser.OrganizationID}, |
| 2520 | }) |
| 2521 | require.NoError(t, err) |
| 2522 | |
| 2523 | // Log in with basic auth and keep the session token (but don't use it). |
| 2524 | userClient := codersdk.New(client.URL) |
| 2525 | loginRes1, err := userClient.LoginWithPassword(ctx, codersdk.LoginWithPasswordRequest{ |
| 2526 | Email: email, |
| 2527 | Password: password, |
| 2528 | }) |
| 2529 | require.NoError(t, err) |
| 2530 | |
| 2531 | // Log in again but actually set the token this time. |
| 2532 | loginRes2, err := userClient.LoginWithPassword(ctx, codersdk.LoginWithPasswordRequest{ |
| 2533 | Email: email, |
| 2534 | Password: password, |
| 2535 | }) |
| 2536 | require.NoError(t, err) |
| 2537 | userClient.SetSessionToken(loginRes2.SessionToken) |
| 2538 | |
| 2539 | // Add the user's second session token to the list of API keys that should |
| 2540 | // be deleted. |
| 2541 | shouldBeDeleted := map[string]string{ |
| 2542 | "user login 2 (logging out with this)": loginRes2.SessionToken, |
| 2543 | } |
| 2544 | |
| 2545 | // Add the user's first token, and the admin's session token to the list of |
| 2546 | // API keys that should not be deleted. |
| 2547 | shouldNotBeDeleted := map[string]string{ |