summaryrefslogtreecommitdiff
path: root/app/controllers/sessions/controller_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/sessions/controller_test.go')
-rw-r--r--app/controllers/sessions/controller_test.go11
1 files changed, 5 insertions, 6 deletions
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go
index 4b68c7a..82c56d5 100644
--- a/app/controllers/sessions/controller_test.go
+++ b/app/controllers/sessions/controller_test.go
@@ -95,7 +95,7 @@ func TestSessions(t *testing.T) {
r, w := test.RequestResponse(
"GET",
"/session/callback?code="+code+"&state=invalid",
- test.WithCookie(web.NewCookie("oauth_state", nonce)),
+ test.WithCookie(web.NewCookie(xcfg.CSRFCookie, nonce)),
)
mux.ServeHTTP(w, r)
@@ -119,7 +119,7 @@ func TestSessions(t *testing.T) {
r, w := test.RequestResponse(
"GET",
"/session/callback?code="+code+"&state="+nonce,
- test.WithCookie(web.NewCookie("oauth_state", nonce)),
+ test.WithCookie(web.NewCookie(xcfg.CSRFCookie, nonce)),
)
mux.ServeHTTP(w, r)
@@ -176,8 +176,7 @@ func TestSessions(t *testing.T) {
t.Run("applies the appropriate cookie settings", func(t *testing.T) {
assert.Equal(t, "/", cookie.Path)
- assert.Equal(t, "localhost", cookie.Domain)
- assert.Equal(t, "session", cookie.Name)
+ assert.Equal(t, xcfg.SessionCookie, cookie.Name)
assert.Equal(t, http.SameSiteLaxMode, cookie.SameSite)
assert.Equal(t, x.Must(time.Parse(time.RFC3339, tokens["expiry"].(string))).Unix(), cookie.Expires.Unix())
assert.True(t, cookie.HttpOnly)
@@ -189,14 +188,14 @@ func TestSessions(t *testing.T) {
t.Run("POST /session/destroy", func(t *testing.T) {
t.Run("clears the session cookie", func(t *testing.T) {
- cookie := web.NewCookie("session", "value")
+ cookie := web.NewCookie(xcfg.SessionCookie, "value")
r, w := test.RequestResponse("POST", "/session/destroy", test.WithCookie(cookie))
mux.ServeHTTP(w, r)
require.Equal(t, http.StatusFound, w.Code)
assert.Equal(t, "/", w.Header().Get("Location"))
- assert.Equal(t, "session=; Path=/; Domain=localhost; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure", w.Header().Get("Set-Cookie"))
+ assert.Equal(t, "session=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure", w.Header().Get("Set-Cookie"))
})
})
}
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-03 03:03:14 +0000