larvit/plainpages
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Logout (todo §4); GET /logout clears plainpages_jwt + revokes the Kratos session (createLogoutFlow → redirect to Kratos logout URL → /login); wire shell Sign out link

Browse Source
This commit is contained in:
Lilleman auf Larv
2026-06-18 10:35:07 +02:00
parent 4f6b60463b
commit dec55f85a6
9 changed files with 67 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/kratos-public.test.ts
View File

@@ -109,3 +109,13 @@ test("whoami throws on an unexpected upstream error", async () => {
const { fetchImpl } = recorder(() => res(500, { error: "boom" }));
await assert.rejects(createKratosPublic({ baseUrl: BASE, fetchImpl }).whoami(), KratosError);
});
test("createLogoutFlow returns the logout URL/token on 200 (cookie forwarded) and null on 401 (no session)", async () => {
const flow = { logout_token: "lt", logout_url: `${BASE}/self-service/logout?token=lt` };
const { calls, fetchImpl } = recorder((url) => (url.endsWith("/self-service/logout/browser") ? res(200, flow) : res(401)));
const out = await createKratosPublic({ baseUrl: BASE, fetchImpl }).createLogoutFlow({ cookie: "plainpages_session=s" });
assert.deepEqual(out, { logoutToken: "lt", logoutUrl: flow.logout_url });
assert.match(calls[0]!.url, /\/self-service\/logout\/browser$/);
assert.equal(calls[0]!.headers.get("cookie"), "plainpages_session=s");
assert.equal(await createKratosPublic({ baseUrl: BASE, fetchImpl: (async () => res(401)) as typeof fetch }).createLogoutFlow(), null);
});