add session check during unauth (#60)

* add session check during unauth * update hasSession to method call
vapor · Feb 12, 2019 · 9c71c8a · 9c71c8a
1 parent 5aefb28
commit 9c71c8a
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 8 deletions.
diff --git a/Package.swift b/Package.swift
@@ -25,13 +25,12 @@ let package = Package(
 
         // 💧 A server-side Swift web framework.
         .package(url: "https://github.com/vapor/vapor.git", from: "3.0.0"),
+
+        // Fluent SQLite, only for testing.
+        .package(url: "https://github.com/vapor/fluent-sqlite.git", from: "3.0.0"),
     ],
     targets: [
         .target(name: "Authentication", dependencies: ["Async", "Bits", "Crypto", "Debugging", "Fluent", "HTTP", "Service", "Vapor"]),
+        .testTarget(name: "AuthenticationTests", dependencies: ["Authentication", "FluentSQLite", "Vapor"]),
     ]
 )
-
-if ProcessInfo.processInfo.environment["ENABLE_TESTS"]?.lowercased() == "true" {
-    package.dependencies.append(.package(url: "https://github.com/vapor/fluent-sqlite.git", .branch("master")))
-    package.targets.append(.testTarget(name: "AuthenticationTests", dependencies: ["Authentication", "FluentSQLite", "Vapor"]))
-}
diff --git a/Sources/Authentication/Persist/SessionAuthenticatable.swift b/Sources/Authentication/Persist/SessionAuthenticatable.swift
@@ -41,6 +41,9 @@ extension Request {
 
     /// Un-authenticates the model from the session.
     public func unauthenticateSession<A>(_ a: A.Type) throws where A: SessionAuthenticatable {
+        guard try self.hasSession() else {
+            return
+        }
         try session()["_" + A.sessionName + "Session"] = nil
         try unauthenticate(A.self)
     }

diff --git a/Tests/AuthenticationTests/AuthenticationTests.swift b/Tests/AuthenticationTests/AuthenticationTests.swift
@@ -73,15 +73,20 @@ class AuthenticationTests: XCTestCase {
 
         var migrations = MigrationConfig()
         migrations.add(model: User.self, database: .test)
+        migrations.prepareCache(for: .test)
         services.register(migrations)
 
         var middleware = MiddlewareConfig.default()
         middleware.use(SessionsMiddleware.self)
         services.register(middleware)
-        services.register(MemoryKeyedCache(), as: KeyedCache.self)
+
+        services.register(KeyedCache.self) { container -> SQLiteCache in
+            let pool = try container.connectionPool(to: .test)
+            return .init(pool: pool)
+        }
 
         var config = Config.default()
-        config.prefer(MemoryKeyedCache.self, for: KeyedCache.self)
+        config.prefer(SQLiteCache.self, for: KeyedCache.self)
 
         let app = try Application(config: config, services: services)
 
@@ -104,7 +109,8 @@ class AuthenticationTests: XCTestCase {
         }
 
         group.get("logout") { req -> HTTPStatus in
-            try req.unauthenticateSession(User.self)
+            try req.destroySession()
+            try req.unauthenticate(User.self)
             return .ok
         }
 
@@ -167,6 +173,15 @@ class AuthenticationTests: XCTestCase {
             let res = try responder.respond(to: req).wait()
             XCTAssertEqual(res.http.status, .ok)
         }
+
+        // ensure the session has been removed from storage
+        do {
+            let conn = try sqlite.newConnection(on: app.eventLoop).wait()
+            try conn.raw("SELECT COUNT(*) as count FROM fluentcache").run { row in
+                let count = row.firstValue(forColumn: "count")!.description
+                XCTAssertEqual(count, "0")
+            }.wait()
+        }
 
         /// logged-out persisted req
         do {