public/once-campfire
1
0
Fork 0
mirror of https://github.com/basecamp/once-campfire.git synced 2026-05-26 12:08:43 +09:00
Code Issues Packages Projects Releases Wiki Activity

Delete server-side session on logout

Browse Source 
When it's set. Also, store it in current attributes for convenience.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Rosa Gutierrez
2026-01-15 20:04:01 +01:00
committed by Rosa Gutierrez
parent 1852adb06c
commit dde94b06ed
4 changed files with 31 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
test/controllers/sessions_controller_test.rb
View File

@@ -28,7 +28,9 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
end
test "create with valid credentials" do
post session_url, params: { email_address: "david@37signals.com", password: "secret123456" }
assert_difference -> { Session.count }, +1 do
post session_url, params: { email_address: "david@37signals.com", password: "secret123456" }
end
assert_redirected_to root_url
assert parsed_cookies.signed[:session_token]
@@ -43,11 +45,15 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
test "destroy" do
sign_in :david
session = users(:david).sessions.last
delete session_url
assert_difference -> { Session.count }, -1 do
delete session_url
end
assert_redirected_to root_url
assert_not cookies[:session_token].present?
assert_nil Session.find_by(id: session.id)
end
test "destroy removes the push subscription for the device" do