Unauthenticated logout request with route & improve unit test (#2342)

2020-12-06 11:19:22 +01:00 · 2020-12-06 11:19:22 +01:00 · c2266720f9
commit c2266720f9
parent 41889e5ee2
4 changed files with 37 additions and 2 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
@ -182,7 +182,8 @@ sub setPortalRoutes {
      ->addUnauthRoute( '*' => 'corsPreflight', ['OPTIONS'] )

      # Logout
-      ->addAuthRoute( logout => 'logout', ['GET'] );
+      ->addAuthRoute( logout => 'logout', ['GET'] )
+      ->addUnauthRoute( logout => 'unauthLogout', ['GET'] );

    # Default routes must point to routines declared above
    $self->defaultAuthRoute('');
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
@ -182,6 +182,7 @@ sub checkLogout {
 sub checkUnauthLogout {
    my ( $self, $req ) = @_;
    if ( defined $req->param('logout') ) {
+        $self->userLogger->info('Unauthenticated logout request');
        $self->logger->debug('Cleaning pdata');
        $self->logger->debug("Removing $self->{conf}->{cookieName} cookie");
        $req->pdata({});
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@ -233,6 +233,24 @@ sub logout {
    );
 }

+sub unauthLogout {
+    my ( $self, $req ) = @_;
+    $self->userLogger->info('Unauthenticated logout request');
+    $self->logger->debug('Cleaning pdata');
+    $self->logger->debug("Removing $self->{conf}->{cookieName} cookie");
+    $req->pdata( {} );
+    $req->addCookie(
+        $self->cookie(
+            name    => $self->conf->{cookieName},
+            domain  => $self->conf->{domain},
+            secure  => $self->conf->{securedCookie},
+            expires => 'Wed, 21 Oct 2015 00:00:00 GMT',
+            value   => 0
+        )
+    );
+    return $self->do( $req, [ sub { PE_LOGOUT_OK } ] );
+}
+
 # RUNNING METHODS
 # ---------------

--- a/lemonldap-ng-portal/t/01-Unauth-Logout.t
+++ b/lemonldap-ng-portal/t/01-Unauth-Logout.t
@ -7,7 +7,7 @@ my $res;
 my $client = LLNG::Manager::Test->new(
    { ini => { logLevel => 'debug', useSafeJail => 1 } } );

-# Test normal first access
+# Test unauthenticated logout request with param
 ok(
    $res = $client->_get(
        '/',
@ -23,6 +23,21 @@ ok( $res->[2]->[0] =~ m%<div class="message message-positive alert"><span trmsg=
 expectCookie($res);
 count(3);

+# Test unauthenticated logout request access with route
+ok(
+    $res = $client->_get(
+        '/logout',
+        accept => 'text/html'
+    ),
+    'Get logout page'
+);
+ok( $res->[2]->[0] =~ m%<span id="languages"></span>%, ' Language icons found' )
+  or print STDERR Dumper( $res->[2]->[0] );
+ok( $res->[2]->[0] =~ m%<div class="message message-positive alert"><span trmsg="47">%, ' PE_LOGOUT_OK' )
+  or print STDERR Dumper( $res->[2]->[0] );
+expectCookie($res);
+count(3);
+
 #print STDERR Dumper($res);

 clean_sessions();