Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cover UpdateSessionUUID with auth unit test #7194

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Cover UpdateSessionUUID with auth unit test #7194

wants to merge 1 commit into from

Conversation

bbrks
Copy link
Member

@bbrks bbrks commented Nov 15, 2024

Cover user.UpdateSessionUUID with a unit test to ensure it invalidates previously created sessions.

The use of the Admin API endpoint was covered in TestSessionAPI but it doesn't acutally verify existing sessions are made unusable.

Integration Tests

  • n/a

@bbrks bbrks mentioned this pull request Nov 15, 2024
Merged
@bbrks bbrks force-pushed the unit_test_auth_user_updateSessionUUID branch from bff621b to 0b445de Compare November 15, 2024 11:19
@bbrks bbrks requested a review from torcolvin November 15, 2024 14:14
torcolvin
torcolvin approved these changes Nov 15, 2024
View reviewed changes
auth/session_test.go
require.NoError(t, err)

_, err = auth.AuthenticateCookie(request, recorder)
require.EqualError(t, err, "401 Session no longer valid for user")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit, take or leave:

I worry a bit about string matching and the formatting of this text and would have a slight preference for defining. base.HTTPErrorf(http.StatusUnauthorized, "Session no longer valid for user") as a constant and doing a errors.Is comparison. We do want to ultimately make sure that this comes back with 401 error and doing that means passing HTTPError up the stack.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@torcolvin torcolvin torcolvin approved these changes

Assignees

@torcolvin torcolvin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bbrks @torcolvin