Files
nat-as-server/tests/Integration/SessionLogoutTest.php
2026-06-04 21:40:59 +02:00

41 lines
1.2 KiB
PHP

<?php
declare(strict_types=1);
namespace Tests\Integration;
use Tests\Support\DatabaseSeeder;
use Tests\Support\QdbTestCase;
final class SessionLogoutTest extends QdbTestCase
{
public function testSessionValidWithToken(): void
{
$login = $this->api()->loginWebAndGetToken(
DatabaseSeeder::ADMIN_USERNAME,
DatabaseSeeder::PASSWORD
);
$res = $this->api()->withToken($login['token'], 'GET', 'session');
$this->assertApiOk($res);
$this->assertTrue($res['data']['valid']);
}
public function testSessionRejectsMissingToken(): void
{
$res = $this->api()->request('GET', 'session');
$this->assertApiError($res, 'UNAUTHORIZED', 401);
}
public function testLogoutRevokesToken(): void
{
$login = $this->api()->loginWebAndGetToken(
DatabaseSeeder::SUPERVISOR_USERNAME,
DatabaseSeeder::PASSWORD
);
$del = $this->api()->withToken($login['token'], 'DELETE', 'logout');
$this->assertApiOk($del);
$check = $this->api()->withToken($login['token'], 'GET', 'session');
$this->assertApiError($check, 'UNAUTHORIZED', 401);
}
}