always delete session cookie even if db delete fails

2025-02-25 18:55:37 -06:00 · 2019-02-01 09:59:53 +01:00 · 2019-02-01 09:59:53 +01:00 · a1b3986532
commit a1b3986532
parent 91bd908e03
3 changed files with 6 additions and 12 deletions
--- a/devenv/docker/blocks/loki/docker-compose.yaml
+++ b/devenv/docker/blocks/loki/docker-compose.yaml
@ -20,3 +20,5 @@ services:
      -config.file=/etc/promtail/docker-config.yaml
    networks:
      - loki
+    depends_on:
+      - loki
--- a/pkg/services/auth/auth_token.go
+++ b/pkg/services/auth/auth_token.go
@ -121,18 +121,10 @@ func (s *UserAuthTokenServiceImpl) SignOutUser(c *models.ReqContext) error {
 	hashedToken := hashToken(unhashedToken)

 	sql := `DELETE FROM user_auth_token WHERE auth_token = ?`
-	res, err := s.SQLStore.NewSession().Exec(sql, hashedToken)
-	if err != nil {
-		return err
-	}
+	_, err := s.SQLStore.NewSession().Exec(sql, hashedToken)

-	affected, _ := res.RowsAffected()
-	if affected > 0 {
-		s.writeSessionCookie(c, "", -1)
-		return nil
-	}
-
-	return errors.New("failed to delete session")
+	s.writeSessionCookie(c, "", -1)
+	return err
 }

 func (s *UserAuthTokenServiceImpl) CreateToken(userId int64, clientIP, userAgent string) (*userAuthToken, error) {
--- a/pkg/services/auth/auth_token_test.go
+++ b/pkg/services/auth/auth_token_test.go
@ -73,7 +73,7 @@ func TestUserAuthToken(t *testing.T) {

 			Convey("signing out an none existing session should return an error", func() {
 				httpreq := &http.Request{Header: make(http.Header)}
-				httpreq.AddCookie(&http.Cookie{Name: userAuthTokenService.Cfg.LoginCookieName, Value: "missing-session-cookie"})
+				httpreq.AddCookie(&http.Cookie{Name: userAuthTokenService.Cfg.LoginCookieName, Value: ""})

 				ctx := &models.ReqContext{Context: &macaron.Context{
 					Req:  macaron.Request{Request: httpreq},