MCPcopy Index your code
hub / github.com/coder/coder / TestPostLogout

Function TestPostLogout

coderd/users_test.go:747–798  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

745}
746
747func TestPostLogout(t *testing.T) {
748 t.Parallel()
749
750 // Checks that the cookie is cleared and the API Key is deleted from the database.
751 t.Run("Logout", func(t *testing.T) {
752 t.Parallel()
753 auditor := audit.NewMock()
754 client := coderdtest.New(t, &coderdtest.Options{Auditor: auditor})
755 numLogs := len(auditor.AuditLogs())
756
757 owner := coderdtest.CreateFirstUser(t, client)
758 numLogs++ // add an audit log for login
759
760 ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
761 defer cancel()
762
763 keyID := strings.Split(client.SessionToken(), "-")[0]
764 apiKey, err := client.APIKeyByID(ctx, owner.UserID.String(), keyID)
765 require.NoError(t, err)
766 require.Equal(t, keyID, apiKey.ID, "API key should exist in the database")
767
768 fullURL, err := client.URL.Parse("/api/v2/users/logout")
769 require.NoError(t, err, "Server URL should parse successfully")
770
771 res, err := client.Request(ctx, http.MethodPost, fullURL.String(), nil)
772 numLogs++ // add an audit log for logout
773
774 require.NoError(t, err, "/logout request should succeed")
775 res.Body.Close()
776 require.Equal(t, http.StatusOK, res.StatusCode)
777
778 require.Len(t, auditor.AuditLogs(), numLogs)
779 require.Equal(t, database.AuditActionLogout, auditor.AuditLogs()[numLogs-1].Action)
780
781 cookies := res.Cookies()
782
783 var found bool
784 for _, cookie := range cookies {
785 if cookie.Name == codersdk.SessionTokenCookie {
786 require.Equal(t, codersdk.SessionTokenCookie, cookie.Name, "Cookie should be the auth cookie")
787 require.Equal(t, -1, cookie.MaxAge, "Cookie should be set to delete")
788 found = true
789 }
790 }
791 require.True(t, found, "auth cookie should be returned")
792
793 _, err = client.APIKeyByID(ctx, owner.UserID.String(), keyID)
794 sdkErr := &codersdk.Error{}
795 require.ErrorAs(t, err, &sdkErr)
796 require.Equal(t, http.StatusUnauthorized, sdkErr.StatusCode(), "Expecting 401")
797 })
798}
799
800// nolint:bodyclose
801func TestPostUsers(t *testing.T) {

Callers

nothing calls this directly

Calls 15

StatusCodeMethod · 0.95
NewMockFunction · 0.92
NewFunction · 0.92
CreateFirstUserFunction · 0.92
APIKeyByIDMethod · 0.80
CookiesMethod · 0.80
RunMethod · 0.65
ParseMethod · 0.65
CloseMethod · 0.65
AuditLogsMethod · 0.45
SessionTokenMethod · 0.45
StringMethod · 0.45

Tested by

no test coverage detected