Commit244068f

authored

feat: audit logout (#5998)

1 parentb19ae71 commit244068fCopy full SHA for 244068f

File tree

+25

-2

lines changed

+25

-2

lines changed

Lines changed: 16 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -133,7 +133,18 @@ func (api API) postLogin(rw http.ResponseWriter, r http.Request) {`
`133`	`133`	`// @Success 200 {object} codersdk.Response`
`134`	`134`	`// @Router /users/logout [post]`
`135`	`135`	`func (apiAPI)postLogout(rw http.ResponseWriter,rhttp.Request) {`
`136`		`-ctx:=r.Context()`
	`136`	`+var (`
	`137`	`+ctx=r.Context()`
	`138`	`+auditor=api.Auditor.Load()`
	`139`	`+aReq,commitAudit=audit.InitRequest[database.APIKey](rw,&audit.RequestParams{`
	`140`	`+Audit:*auditor,`
	`141`	`+Log:api.Logger,`
	`142`	`+Request:r,`
	`143`	`+Action:database.AuditActionLogout,`
	`144`	`+})`
	`145`	`+)`
	`146`	`+defercommitAudit()`
	`147`	`+`
`137`	`148`	`// Get a blank token cookie.`
`138`	`149`	`cookie:=&http.Cookie{`
`139`	`150`	`// MaxAge < 0 means to delete the cookie now.`
`@@ -145,6 +156,8 @@ func (api API) postLogout(rw http.ResponseWriter, r http.Request) {`
`145`	`156`
`146`	`157`	`// Delete the session token from database.`
`147`	`158`	`apiKey:=httpmw.APIKey(r)`
	`159`	`+aReq.Old=apiKey`
	`160`	`+`
`148`	`161`	`err:=api.Database.DeleteAPIKeyByID(ctx,apiKey.ID)`
`149`	`162`	`iferr!=nil {`
`150`	`163`	`httpapi.Write(ctx,rw,http.StatusInternalServerError, codersdk.Response{`
`@@ -198,6 +211,8 @@ func (api API) postLogout(rw http.ResponseWriter, r http.Request) {`
`198`	`211`	`}`
`199`	`212`	`}`
`200`	`213`
	`214`	`+aReq.New= database.APIKey{}`
	`215`	`+`
`201`	`216`	`httpapi.Write(ctx,rw,http.StatusOK, codersdk.Response{`
`202`	`217`	`Message:"Logged out!",`
`203`	`218`	`})`

Lines changed: 9 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -327,9 +327,12 @@ func TestPostLogout(t *testing.T) {`
`327`	`327`	`// Checks that the cookie is cleared and the API Key is deleted from the database.`
`328`	`328`	`t.Run("Logout",func(t*testing.T) {`
`329`	`329`	`t.Parallel()`
	`330`	`+auditor:=audit.NewMock()`
	`331`	`+client:=coderdtest.New(t,&coderdtest.Options{Auditor:auditor})`
	`332`	`+numLogs:=len(auditor.AuditLogs)`
`330`	`333`
`331`		`-client:=coderdtest.New(t,nil)`
`332`	`334`	`admin:=coderdtest.CreateFirstUser(t,client)`
	`335`	`+numLogs++// add an audit log for login`
`333`	`336`
`334`	`337`	`ctx,cancel:=context.WithTimeout(context.Background(),testutil.WaitLong)`
`335`	`338`	`defercancel()`
`@@ -343,10 +346,15 @@ func TestPostLogout(t *testing.T) {`
`343`	`346`	`require.NoError(t,err,"Server URL should parse successfully")`
`344`	`347`
`345`	`348`	`res,err:=client.Request(ctx,http.MethodPost,fullURL.String(),nil)`
	`349`	`+numLogs++// add an audit log for logout`
	`350`	`+`
`346`	`351`	`require.NoError(t,err,"/logout request should succeed")`
`347`	`352`	`res.Body.Close()`
`348`	`353`	`require.Equal(t,http.StatusOK,res.StatusCode)`
`349`	`354`
	`355`	`+require.Len(t,auditor.AuditLogs,numLogs)`
	`356`	`+require.Equal(t,database.AuditActionLogout,auditor.AuditLogs[numLogs-1].Action)`
	`357`	`+`
`350`	`358`	`cookies:=res.Cookies()`
`351`	`359`
`352`	`360`	`varfoundbool`

Comments

(0)