always delete session cookie even if db delete fails

This commit is contained in:
bergquist 2019-02-01 09:59:53 +01:00
parent 91bd908e03
commit a1b3986532
3 changed files with 6 additions and 12 deletions

View File

@ -20,3 +20,5 @@ services:
-config.file=/etc/promtail/docker-config.yaml
networks:
- loki
depends_on:
- loki

View File

@ -121,18 +121,10 @@ func (s *UserAuthTokenServiceImpl) SignOutUser(c *models.ReqContext) error {
hashedToken := hashToken(unhashedToken)
sql := `DELETE FROM user_auth_token WHERE auth_token = ?`
res, err := s.SQLStore.NewSession().Exec(sql, hashedToken)
if err != nil {
return err
}
_, err := s.SQLStore.NewSession().Exec(sql, hashedToken)
affected, _ := res.RowsAffected()
if affected > 0 {
s.writeSessionCookie(c, "", -1)
return nil
}
return errors.New("failed to delete session")
s.writeSessionCookie(c, "", -1)
return err
}
func (s *UserAuthTokenServiceImpl) CreateToken(userId int64, clientIP, userAgent string) (*userAuthToken, error) {

View File

@ -73,7 +73,7 @@ func TestUserAuthToken(t *testing.T) {
Convey("signing out an none existing session should return an error", func() {
httpreq := &http.Request{Header: make(http.Header)}
httpreq.AddCookie(&http.Cookie{Name: userAuthTokenService.Cfg.LoginCookieName, Value: "missing-session-cookie"})
httpreq.AddCookie(&http.Cookie{Name: userAuthTokenService.Cfg.LoginCookieName, Value: ""})
ctx := &models.ReqContext{Context: &macaron.Context{
Req: macaron.Request{Request: httpreq},