(t *testing.T)
| 745 | } |
| 746 | |
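// TestPostLogout exercises POST /api/v2/users/logout and checks the observable
// effects of ending a session.
func TestPostLogout(t *testing.T) {
	t.Parallel()

	// Checks that the cookie is cleared and the API key is no longer usable.
	// Both halves matter: clearing only the browser cookie would leave a copy
	// of the token valid on the server side.
	t.Run("Logout", func(t *testing.T) {
		t.Parallel()
		auditor := audit.NewMock()
		client := coderdtest.New(t, &coderdtest.Options{Auditor: auditor})
		numLogs := len(auditor.AuditLogs())

		owner := coderdtest.CreateFirstUser(t, client)
		numLogs++ // add an audit log for login

		ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
		defer cancel()

		// The segment of the session token before the first "-" is treated as
		// the API key ID; the lookup below confirms it matches a stored key.
		keyID := strings.Split(client.SessionToken(), "-")[0]
		apiKey, err := client.APIKeyByID(ctx, owner.UserID.String(), keyID)
		require.NoError(t, err)
		require.Equal(t, keyID, apiKey.ID, "API key should exist in the database")

		fullURL, err := client.URL.Parse("/api/v2/users/logout")
		require.NoError(t, err, "Server URL should parse successfully")

		res, err := client.Request(ctx, http.MethodPost, fullURL.String(), nil)
		numLogs++ // add an audit log for logout

		require.NoError(t, err, "/logout request should succeed")
		// Only the status and headers are inspected, so the body can be
		// released immediately.
		res.Body.Close()
		require.Equal(t, http.StatusOK, res.StatusCode)

		// Logout is a security-relevant event: exactly one new audit entry is
		// expected and it must be the most recent one.
		require.Len(t, auditor.AuditLogs(), numLogs)
		require.Equal(t, database.AuditActionLogout, auditor.AuditLogs()[numLogs-1].Action)

		// The response must carry the session cookie with a negative MaxAge,
		// which is how net/http reports a cookie the server asked the client
		// to delete immediately. The name is already matched by the if, so it
		// is not asserted again.
		var found bool
		for _, cookie := range res.Cookies() {
			if cookie.Name == codersdk.SessionTokenCookie {
				require.Equal(t, -1, cookie.MaxAge, "Cookie should be set to delete")
				found = true
			}
		}
		require.True(t, found, "auth cookie should be returned")

		// The client has not been given a new token, so this request is
		// presumably sent with the pre-logout one; a 401 then shows that the
		// server itself no longer accepts it.
		_, err = client.APIKeyByID(ctx, owner.UserID.String(), keyID)
		sdkErr := &codersdk.Error{}
		require.ErrorAs(t, err, &sdkErr)
		require.Equal(t, http.StatusUnauthorized, sdkErr.StatusCode(), "Expecting 401")
	})
}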
| 799 | |
| 800 | // nolint:bodyclose |
| 801 | func TestPostUsers(t *testing.T) { |