summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--users/app/controllers/sessions_controller.rb1
-rw-r--r--users/app/controllers/v1/sessions_controller.rb1
-rw-r--r--users/test/integration/api/account_flow_test.rb8
3 files changed, 10 insertions, 0 deletions
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index bc910b5..0345fbd 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -11,6 +11,7 @@ class SessionsController < ApplicationController
end
def create
+ logout if logged_in?
authenticate!
end
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index 5b4a13b..27d10fb 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -12,6 +12,7 @@ module V1
end
def create
+ logout if logged_in?
authenticate!
end
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index e425c35..7636f2b 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -62,6 +62,14 @@ class AccountFlowTest < ActiveSupport::TestCase
assert server_auth["M2"]
end
+ test "duplicate login does not break things" do
+ server_auth = @srp.authenticate(self)
+ server_auth = @srp.authenticate(self)
+ assert last_response.successful?
+ assert_nil server_auth["errors"]
+ assert server_auth["M2"]
+ end
+
test "signup and wrong password login attempt" do
srp = SRP::Client.new(@login, "wrong password")
server_auth = srp.authenticate(self)
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 19:04:46 +0000