From 0a161e88143d28349c49805ea7cc83c5106e075a Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 28 Jul 2017 11:35:14 +0200 Subject: prevent token conflicts --- test/unit/token_test.rb | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'test/unit/token_test.rb') diff --git a/test/unit/token_test.rb b/test/unit/token_test.rb index 51c8d8e..ce7edaa 100644 --- a/test/unit/token_test.rb +++ b/test/unit/token_test.rb @@ -59,7 +59,6 @@ class TokenTest < ActiveSupport::TestCase sample = Token.new(user_id: @user.id) sample.last_seen_at = 2.hours.ago with_config auth: {token_expires_after: 60} do - sample.expects(:destroy) assert_nil sample.authenticate end end @@ -83,7 +82,6 @@ class TokenTest < ActiveSupport::TestCase fresh.destroy end - test "Token.destroy_all_expired does not interfere with expired.authenticate" do expired = FactoryGirl.create :token, last_seen_at: 2.hours.ago with_config auth: {token_expires_after: 60} do @@ -92,4 +90,29 @@ class TokenTest < ActiveSupport::TestCase assert_nil expired.authenticate end + test "active logout (destroy) prevents reuse" do + token = FactoryGirl.create :token + same = Token.find(token.id) + token.destroy + assert_raises CouchRest::NotFound do + same.touch + end + end + + test "logout works on prolonged token" do + token = FactoryGirl.create :token + same = Token.find(token.id) + token.touch + same.destroy + assert_nil Token.find(same.id) + end + + test 'second destroy carries on' do + token = FactoryGirl.create :token + same = Token.find(token.id) + token.destroy + same.destroy + assert_nil Token.find(same.id) + end + end -- cgit v1.2.3