|
1 | 1 | import { redirect } from 'next/navigation' |
| 2 | +import { NextRequest } from 'next/server' |
2 | 3 | import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest' |
3 | 4 | import { AUTH_URLS, PROTECTED_URLS } from '@/configs/urls' |
4 | 5 | import { |
5 | 6 | forgotPasswordAction, |
6 | 7 | signInAction, |
7 | 8 | signInWithOAuthAction, |
8 | | - signOutAction, |
9 | 9 | signUpAction, |
10 | 10 | } from '@/core/server/actions/auth-actions' |
11 | 11 | import { encodedRedirect } from '@/lib/utils/auth' |
@@ -506,38 +506,26 @@ describe('Auth Actions - Integration Tests', () => { |
506 | 506 | }) |
507 | 507 | }) |
508 | 508 |
|
509 | | - describe('Sign Out Flow', () => { |
510 | | - /** |
511 | | - * AUTHENTICATION TEST: Verifies that sign-out redirects to sign-in page |
512 | | - */ |
513 | | - it('should redirect to sign-in page on sign-out', async () => { |
514 | | - // Setup: Mock Supabase client to return successful sign-out |
515 | | - mockSupabaseClient.auth.signOut.mockResolvedValue({ |
516 | | - error: null, |
517 | | - }) |
518 | | - |
519 | | - // Execute and Verify: Call the sign-out action and expect it to throw redirect |
520 | | - await expect(signOutAction()).rejects.toEqual( |
521 | | - expect.objectContaining({ |
522 | | - destination: AUTH_URLS.SIGN_IN, |
523 | | - }) |
524 | | - ) |
525 | | - }) |
| 509 | + describe('Sign Out Flow (GET /api/auth/sign-out)', () => { |
| 510 | + const callSignOutRoute = async () => { |
| 511 | + const { GET } = await import('@/app/api/auth/sign-out/route') |
| 512 | + return GET(new NextRequest('https://app.e2b.dev/api/auth/sign-out')) |
| 513 | + } |
526 | 514 |
|
527 | 515 | /** |
528 | | - * AUTHENTICATION TEST: Verifies that sign-out redirects to sign-in page with returnTo |
| 516 | + * AUTHENTICATION TEST: the plain (non-auth()-wrapped) route handler clears |
| 517 | + * the session via the provider and redirects to the sign-in page. Running |
| 518 | + * the cookie clear here — rather than inside an auth()-wrapped request — is |
| 519 | + * what keeps the deletion from being clobbered by a re-issued JWT cookie. |
529 | 520 | */ |
530 | | - it('should redirect to sign-in page with returnTo parameter', async () => { |
531 | | - // Setup: Mock Supabase client to return successful sign-out |
532 | | - mockSupabaseClient.auth.signOut.mockResolvedValue({ |
533 | | - error: null, |
534 | | - }) |
| 521 | + it('clears the session and redirects to the sign-in page', async () => { |
| 522 | + mockSupabaseClient.auth.signOut.mockResolvedValue({ error: null }) |
| 523 | + |
| 524 | + const response = await callSignOutRoute() |
535 | 525 |
|
536 | | - // Execute and Verify: Call the sign-out action and expect it to throw redirect |
537 | | - await expect(signOutAction('/dashboard')).rejects.toEqual( |
538 | | - expect.objectContaining({ |
539 | | - destination: `${AUTH_URLS.SIGN_IN}?returnTo=${encodeURIComponent('/dashboard')}`, |
540 | | - }) |
| 526 | + expect(mockSupabaseClient.auth.signOut).toHaveBeenCalled() |
| 527 | + expect(response.headers.get('location')).toBe( |
| 528 | + `https://app.e2b.dev${AUTH_URLS.SIGN_IN}` |
541 | 529 | ) |
542 | 530 | }) |
543 | 531 | }) |
|
0 commit comments