test for delete session

29701d98 · Christian Pointner · b2adec62 · 29701d98
Commit 29701d98 authored 5 years ago by Christian Pointner
--- a/auth/auth_test.go
+++ b/auth/auth_test.go
@@ -214,6 +214,7 @@ func TestAuthBearerToken(t *testing.T) {
 		{"Bearer invalid", http.StatusUnauthorized},
 		{"Bearer invalid:", http.StatusUnauthorized},
 		{"Bearer unknown:secret", http.StatusUnauthorized},
+		{"Bearer " + s.id + ":invalid", http.StatusUnauthorized},
 		{"Bearer " + s.getToken(), http.StatusOK},
 	}

@@ -302,3 +303,49 @@ func TestAuthWaitForLogin(t *testing.T) {
 		}
 	}
 }
+
+func TestAuthDeleteSession(t *testing.T) {
+	cfg := &Config{}
+	if err := Init(cfg, nil, nil, nil); err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	if auth.sessions == nil {
+		t.Fatalf("authentication should be enabled but Init created no session manager")
+	}
+
+	s, err := NewSession()
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if err = auth.sessions.insert(s); err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+
+	router := mux.NewRouter()
+	InstallHTTPHandler(router)
+
+	req, err := http.NewRequest("DELETE", "/session", nil)
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	rr := httptest.NewRecorder()
+	router.ServeHTTP(rr, req)
+	if rr.Code != http.StatusUnauthorized {
+		t.Fatalf("unexpected reponse code: %d (%s)", rr.Code, http.StatusText(rr.Code))
+	}
+
+	if req, err = http.NewRequest("DELETE", "/session", nil); err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	req.Header.Set("Authorization", "Bearer "+s.getToken())
+	rr = httptest.NewRecorder()
+	router.ServeHTTP(rr, req)
+	if rr.Code != http.StatusOK {
+		t.Fatalf("unexpected reponse code: %d (%s)", rr.Code, http.StatusText(rr.Code))
+	}
+
+	if len(auth.sessions.sessions) != 0 {
+		t.Fatalf("session wasn't removed from session manager")
+	}
+}