revoke session tests

2025-12-24 01:10:31 +01:00 · 2016-11-16 15:10:35 +03:00
parent 6822973502
commit 7a0a77d0fa
1 changed files with 72 additions and 0 deletions
--- a/test/controllers.js
+++ b/test/controllers.js
@@ -491,6 +491,78 @@ describe('Controllers', function () {
 		});
 	});

+
+	describe('revoke session', function () {
+		var uid;
+		var jar;
+		var csrf_token;
+		var helpers = require('./helpers');
+		before(function (done) {
+			user.create({username: 'revokeme', password: 'barbar'}, function (err, _uid) {
+				assert.ifError(err);
+				uid = _uid;
+				helpers.loginUser('revokeme', 'barbar', function (err, _jar, io, _csrf_token) {
+					assert.ifError(err);
+					jar = _jar;
+					csrf_token = _csrf_token;
+					done();
+				});
+			});
+		});
+
+		it('should fail to revoke session with missing uuid', function (done) {
+			request.del(nconf.get('url') + '/api/user/revokeme/session', {
+				jar: jar,
+				headers: {
+					'x-csrf-token': csrf_token
+				}
+			}, function (err, res, body) {
+				assert.ifError(err);
+				assert.equal(res.statusCode, 404);
+				done();
+			});
+		});
+
+		it('should fail if user doesn\'t exist', function (done) {
+			request.del(nconf.get('url') + '/api/user/doesnotexist/session/1112233', {
+				jar: jar,
+				headers: {
+					'x-csrf-token': csrf_token
+				}
+			}, function (err, res, body) {
+				assert.ifError(err);
+				assert.equal(res.statusCode, 500);
+				assert.equal(body, '[[error:no-session-found]]');
+				done();
+			});
+		});
+
+		it('should revoke user session', function (done) {
+			db.getSortedSetRange('uid:' + uid + ':sessions', 0, -1, function (err, sids) {
+				assert.ifError(err);
+				var sid = sids[0];
+
+				db.sessionStore.get(sid, function (err, sessionObj) {
+					assert.ifError(err);
+					request.del(nconf.get('url') + '/api/user/revokeme/session/' + sessionObj.meta.uuid, {
+						jar: jar,
+						headers: {
+							'x-csrf-token': csrf_token
+						}
+					}, function (err, res, body) {
+						assert.ifError(err);
+						assert.equal(res.statusCode, 200);
+						assert.equal(body, 'OK');
+						console.log(err, res.statusCode, body);
+						done();
+					});
+				});
+			});
+		});
+
+	});
+
+
 	after(function (done) {
 		db.emptydb(done);
 	});