summaryrefslogtreecommitdiff
path: root/app/controllers/sessions/controller_test.go
diff options
context:
space:
mode:
authormo khan <mo@mokhan.ca>2025-04-25 22:40:59 -0600
committermo khan <mo@mokhan.ca>2025-04-28 09:07:31 -0600
commitaf084321226b2adbe18c8a538435feda662cbad0 (patch)
tree3b7cfd6cce984ee43c0097c3b20ca9e73bb6a47a /app/controllers/sessions/controller_test.go
parent4030e9c36ebd22d2e9c647a1ba286390361b4f63 (diff)
feat: add logout endpoint
Diffstat (limited to 'app/controllers/sessions/controller_test.go')
-rw-r--r--app/controllers/sessions/controller_test.go15
1 files changed, 15 insertions, 0 deletions
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go
index 46c32fd..e325afc 100644
--- a/app/controllers/sessions/controller_test.go
+++ b/app/controllers/sessions/controller_test.go
@@ -6,6 +6,7 @@ import (
"net/http"
"net/url"
"testing"
+ "time"
"github.com/oauth2-proxy/mockoidc"
"github.com/stretchr/testify/assert"
@@ -13,6 +14,7 @@ import (
"github.com/xlgmokha/x/pkg/x"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/test"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web/cookie"
)
func TestSessions(t *testing.T) {
@@ -131,4 +133,17 @@ func TestSessions(t *testing.T) {
})
})
})
+
+ t.Run("POST /session/destroy", func(t *testing.T) {
+ t.Run("clears the session cookie", func(t *testing.T) {
+ cookie := cookie.New("session", "value", time.Now().Add(5*time.Minute))
+ r, w := test.RequestResponse("POST", "/session/destroy", test.WithCookie(cookie))
+
+ mux.ServeHTTP(w, r)
+
+ require.Equal(t, http.StatusFound, w.Code)
+ assert.Equal(t, "/", w.Header().Get("Location"))
+ assert.Equal(t, "session=; Path=/; Domain=localhost; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure", w.Header().Get("Set-Cookie"))
+ })
+ })
}
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 21:04:12 +0000