
add logout endpoint

Alexander Belanger před 4 roky
rodič
revize
5f8f64168f

+ 6 - 6
api/server/handlers/user/login_test.go

@@ -16,7 +16,7 @@ func TestLoginUserSuccessful(t *testing.T) {
 	req, rr := apitest.GetRequestAndRecorder(
 		t,
 		string(types.HTTPVerbPost),
-		"/api/users/login",
+		"/api/login",
 		&types.LoginUserRequest{
 			Email:    "test@test.it",
 			Password: "hello",
@@ -49,7 +49,7 @@ func TestLoginUserIncorrectPassword(t *testing.T) {
 	req, rr := apitest.GetRequestAndRecorder(
 		t,
 		string(types.HTTPVerbPost),
-		"/api/users/login",
+		"/api/login",
 		&types.LoginUserRequest{
 			Email:    "test@test.it",
 			Password: "hello1",
@@ -76,7 +76,7 @@ func TestLoginUserBadEmail(t *testing.T) {
 	req, rr := apitest.GetRequestAndRecorder(
 		t,
 		string(types.HTTPVerbPost),
-		"/api/users/login",
+		"/api/login",
 		&types.LoginUserRequest{
 			Email:    "test",
 			Password: "hello1",
@@ -103,7 +103,7 @@ func TestLoginUserEmptyPassword(t *testing.T) {
 	req, rr := apitest.GetRequestAndRecorder(
 		t,
 		string(types.HTTPVerbPost),
-		"/api/users/login",
+		"/api/login",
 		&types.LoginUserRequest{
 			Email:    "test@test.it",
 			Password: "",
@@ -130,7 +130,7 @@ func TestLoginUserNotExist(t *testing.T) {
 	req, rr := apitest.GetRequestAndRecorder(
 		t,
 		string(types.HTTPVerbPost),
-		"/api/users/login",
+		"/api/login",
 		&types.LoginUserRequest{
 			Email:    "test@example.com",
 			Password: "hello",
@@ -155,7 +155,7 @@ func TestLoginUserFailingReadUserByEmailMethod(t *testing.T) {
 	req, rr := apitest.GetRequestAndRecorder(
 		t,
 		string(types.HTTPVerbPost),
-		"/api/users/login",
+		"/api/login",
 		&types.LoginUserRequest{
 			Email:    "test@test.it",
 			Password: "hello",

+ 27 - 0
api/server/handlers/user/logout.go

@@ -0,0 +1,27 @@
+package user
+
+import (
+	"net/http"
+
+	"github.com/porter-dev/porter/api/server/authn"
+	"github.com/porter-dev/porter/api/server/shared"
+	"github.com/porter-dev/porter/api/server/shared/apierrors"
+)
+
+type UserLogoutHandler struct {
+	config *shared.Config
+}
+
+func NewUserLogoutHandler(
+	config *shared.Config,
+) *UserLogoutHandler {
+	return &UserLogoutHandler{config}
+}
+
+func (u *UserLogoutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if err := authn.SaveUserUnauthenticated(w, r, u.config); err != nil {
+		apierrors.HandleAPIError(w, u.config.Logger, apierrors.NewErrInternal(err))
+	}
+
+	return
+}
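Review bot: `ServeHTTP` delegates the whole logout to `authn.SaveUserUnauthenticated`, and nothing in this file shows whether that call clears the other session values and expires the cookie, or only sets `authenticated` to false, which is all the accompanying test checks. If it only flips the flag, the same session identifier and any stored user data would presumably carry over into the next login from that browser, so it is worth confirming that the session is emptied or rotated there. The exported `UserLogoutHandler` and `NewUserLogoutHandler` have no doc comments; something like `// ServeHTTP marks the caller's session as unauthenticated and responds with an internal error if the session cannot be saved.` would state the contract. The trailing `return` at the end of `ServeHTTP` is redundant and can be dropped.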

+ 39 - 0
api/server/handlers/user/logout_test.go

@@ -0,0 +1,39 @@
+package user_test
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/porter-dev/porter/api/server/handlers/user"
+	"github.com/porter-dev/porter/api/server/shared/apitest"
+	"github.com/porter-dev/porter/api/types"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestLogoutUserSuccessful(t *testing.T) {
+	req, rr := apitest.GetRequestAndRecorder(
+		t,
+		string(types.HTTPVerbPost),
+		"/api/logout",
+		nil,
+	)
+
+	config := apitest.LoadConfig(t)
+	authUser := apitest.CreateTestUser(t, config)
+	apitest.WithAuthenticatedUser(t, req, authUser)
+
+	handler := user.NewUserLogoutHandler(config)
+
+	handler.ServeHTTP(rr, req)
+
+	assert.Equal(t, http.StatusOK, rr.Result().StatusCode, "status code should be 200")
+
+	// read the session to make sure "authenticated" is false
+	session, err := config.Store.Get(req, config.CookieName)
+
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	assert.False(t, session.Values["authenticated"].(bool), "authenticated in session should be false")
+}
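Review bot: The final assertion reads the session back through `config.Store.Get(req, config.CookieName)` on the request, so it does not show that the handler wrote an updated cookie to the response. If the store caches sessions per request, as this API shape suggests, the check would pass even when the save never reached the client. Asserting on the `Set-Cookie` header of `rr.Result()` would cover what the browser actually receives. The unchecked `session.Values["authenticated"].(bool)` panics if the key is absent or not a bool; `authenticated, ok := session.Values["authenticated"].(bool)` followed by `assert.True(t, ok)` fails cleanly instead. There is also no test for the error branch of `ServeHTTP`, or for a request without an authenticated session.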

+ 21 - 0
api/server/router/user.go

@@ -43,6 +43,27 @@ func getUserRoutes(
 ) []*Route {
 	routes := make([]*Route, 0)
 
+	// POST /api/logout -> user.NewUserLogoutHandler
+	logoutUserEndpoint := factory.NewAPIEndpoint(
+		&types.APIRequestMetadata{
+			Verb:   types.APIVerbUpdate,
+			Method: types.HTTPVerbPost,
+			Path: &types.Path{
+				Parent:       basePath,
+				RelativePath: "/logout",
+			},
+			Scopes: []types.PermissionScope{types.UserScope},
+		},
+	)
+
+	logoutUserHandler := user.NewUserLogoutHandler(config)
+
+	routes = append(routes, &Route{
+		Endpoint: logoutUserEndpoint,
+		Handler:  logoutUserHandler,
+		Router:   r,
+	})
+
 	// GET /api/auth/check -> user.NewAuthCheckHandler
 	authCheckEndpoint := factory.NewAPIEndpoint(
 		&types.APIRequestMetadata{
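Review bot: The new `logoutUserEndpoint` is a state-changing POST that appears to be authorised only by the session cookie (`Scopes: []types.PermissionScope{types.UserScope}`), and this hunk does not show any cross-site request protection. If no CSRF token check or `SameSite` cookie attribute is applied elsewhere in the router or session store, a third-party page could end a user's session; please confirm which of the two is in place and note it in the route comment. `getUserRoutes` begins and continues outside this hunk, so middleware applied to the returned routes is not visible here.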