htmx logout tidy up (#2884)

2025-02-23 04:27:02 +01:00 · 2024-07-15 17:11:00 +10:00 · 2024-07-15 17:11:00 +10:00 · d7a5097527
parent d0e57442d2
commit d7a5097527
2 changed files with 18 additions and 4 deletions
--- a/libs/client/src/lib.rs
+++ b/libs/client/src/lib.rs
@ -59,6 +59,7 @@ const EXPECT_VERSION: &str = env!("CARGO_PKG_VERSION");
 #[derive(Debug)]
 pub enum ClientError {
    Unauthorized,
+    SessionExpired,
    Http(reqwest::StatusCode, Option<OperationError>, String),
    Transport(reqwest::Error),
    AuthenticationFailed,
@ -633,10 +634,16 @@ impl KanidmClient {
    }

    pub async fn logout(&self) -> Result<(), ClientError> {
-        self.perform_get_request("/v1/logout").await?;
-        let mut tguard = self.bearer_token.write().await;
-        *tguard = None;
-        Ok(())
+        match self.perform_get_request("/v1/logout").await {
+            Err(ClientError::Unauthorized)
+            | Err(ClientError::Http(reqwest::StatusCode::UNAUTHORIZED, _, _))
+            | Ok(()) => {
+                let mut tguard = self.bearer_token.write().await;
+                *tguard = None;
+                Ok(())
+            }
+            e => e,
+        }
    }

    pub fn get_token_cache_path(&self) -> String {
--- a/server/testkit/tests/proto_v1_test.rs
+++ b/server/testkit/tests/proto_v1_test.rs
@ -1662,6 +1662,13 @@ async fn test_server_user_auth_token_lifecycle(rsclient: KanidmClient) {
        .await
        .expect("Failed to destroy user auth token");

+    // The session is revoked server side, but we can still call logout locally
+    // and on the 401 it will just clear the token.
+    rsclient
+        .logout()
+        .await
+        .expect("Failed to remove local token");
+
    // Since the session is revoked, check with the admin.
    let res = rsclient
        .auth_simple_password(ADMIN_TEST_USER, ADMIN_TEST_PASSWORD)