debian-mirror-gitlab/spec/requests/sessions_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

18 lines
458 B
Ruby
Raw Normal View History

2020-04-08 14:13:33 +05:30
# frozen_string_literal: true
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe 'Sessions', feature_category: :authentication_and_authorization do
2020-04-08 14:13:33 +05:30
context 'authentication', :allow_forgery_protection do
let(:user) { create(:user) }
it 'logout does not require a csrf token' do
login_as(user)
post(destroy_user_session_path, headers: { 'X-CSRF-Token' => 'invalid' })
expect(response).to redirect_to(new_user_session_path)
end
end
end