41 lines
1.2 KiB
PHP
41 lines
1.2 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Tests\Integration;
|
|
|
|
use Tests\Support\DatabaseSeeder;
|
|
use Tests\Support\QdbTestCase;
|
|
|
|
final class SessionLogoutTest extends QdbTestCase
|
|
{
|
|
public function testSessionValidWithToken(): void
|
|
{
|
|
$login = $this->api()->loginWebAndGetToken(
|
|
DatabaseSeeder::ADMIN_USERNAME,
|
|
DatabaseSeeder::PASSWORD
|
|
);
|
|
$res = $this->api()->withToken($login['token'], 'GET', 'session');
|
|
$this->assertApiOk($res);
|
|
$this->assertTrue($res['data']['valid']);
|
|
}
|
|
|
|
public function testSessionRejectsMissingToken(): void
|
|
{
|
|
$res = $this->api()->request('GET', 'session');
|
|
$this->assertApiError($res, 'UNAUTHORIZED', 401);
|
|
}
|
|
|
|
public function testLogoutRevokesToken(): void
|
|
{
|
|
$login = $this->api()->loginWebAndGetToken(
|
|
DatabaseSeeder::SUPERVISOR_USERNAME,
|
|
DatabaseSeeder::PASSWORD
|
|
);
|
|
$del = $this->api()->withToken($login['token'], 'DELETE', 'logout');
|
|
$this->assertApiOk($del);
|
|
$check = $this->api()->withToken($login['token'], 'GET', 'session');
|
|
$this->assertApiError($check, 'UNAUTHORIZED', 401);
|
|
}
|
|
}
|