idanoo/autobrr
1
0
Fork 0
mirror of https://github.com/idanoo/autobrr synced 2025-07-23 00:39:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(auth): force invalidate invalid session cookies in middleware (#1358)

Browse source 
* fix(auth): invalidate session cookies in middleware

* fix(auth): set path for invalid cookie
This commit is contained in:
ze0s 2024-01-20 20:10:26 +01:00 committed by GitHub
parent eb626de683
commit f488c88f1b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 62 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

10
internal/http/auth_test.go
View file

@ -272,8 +272,8 @@ func TestAuthHandlerValidateBad(t *testing.T) {
defer resp.Body.Close()
if status := resp.StatusCode; status != http.StatusUnauthorized {
t.Errorf("validate: handler returned wrong status code: got %v want %v", status, http.StatusUnauthorized)
if status := resp.StatusCode; status != http.StatusNoContent {
t.Errorf("validate: handler returned wrong status code: got %v want %v", status, http.StatusNoContent)
}
}
@ -320,9 +320,9 @@ func TestAuthHandlerLoginBad(t *testing.T) {
defer resp.Body.Close()
// check for response, here we'll just check for 204 NoContent
if status := resp.StatusCode; status != http.StatusUnauthorized {
t.Errorf("handler returned wrong status code: got %v want %v", status, http.StatusUnauthorized)
// check for response, here we'll just check for 403 Forbidden
if status := resp.StatusCode; status != http.StatusForbidden {
t.Errorf("handler returned wrong status code: got %v want %v", status, http.StatusForbidden)
}
}