src/login/routes/test/logout.rs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

use axum::{
    extract::{Json, State},
    http::StatusCode,
};

use crate::{
    login::{app, routes},
    test::fixtures,
};

#[tokio::test]
async fn successful() {
    // Set up the environment

    let app = fixtures::scratch_app().await;
    let now = fixtures::now();
    let login = fixtures::login::create_with_password(&app).await;
    let identity = fixtures::identity::logged_in(&app, &login, &now).await;
    let secret = fixtures::identity::secret(&identity);

    // Call the endpoint

    let (response_identity, response_status) = routes::on_logout(
        State(app.clone()),
        identity.clone(),
        Json(routes::LogoutRequest {}),
    )
    .await
    .expect("logged out with a valid token");

    // Verify the return value's basic structure

    assert!(response_identity.secret().is_none());
    assert_eq!(StatusCode::NO_CONTENT, response_status);

    // Verify the semantics

    let error = app
        .logins()
        .validate(&secret, &now)
        .await
        .expect_err("secret is invalid");
    match error {
        app::ValidateError::InvalidToken => (), // should be invalid
        other @ app::ValidateError::DatabaseError(_) => {
            panic!("expected ValidateError::InvalidToken, got {other:#}")
        }
    }
}

#[tokio::test]
async fn no_identity() {
    // Set up the environment

    let app = fixtures::scratch_app().await;

    // Call the endpoint

    let identity = fixtures::identity::not_logged_in();
    let (identity, status) =
        routes::on_logout(State(app), identity, Json(routes::LogoutRequest {}))
            .await
            .expect("logged out with no token");

    // Verify the return value's basic structure

    assert!(identity.secret().is_none());
    assert_eq!(StatusCode::NO_CONTENT, status);
}

#[tokio::test]
async fn invalid_token() {
    // Set up the environment

    let app = fixtures::scratch_app().await;

    // Call the endpoint

    let identity = fixtures::identity::fictitious();
    let routes::LogoutError(error) =
        routes::on_logout(State(app), identity, Json(routes::LogoutRequest {}))
            .await
            .expect_err("logged out with an invalid token");

    // Verify the return value's basic structure

    assert!(matches!(error, app::ValidateError::InvalidToken));
}