blob: 6697700c37d7649dfc727d4307fcb7d2d136e7ac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
# frozen_string_literal: true
require 'spec_helper'
describe 'Sessions' do
context 'authentication', :allow_forgery_protection do
let(:user) { create(:user) }
it 'logout does not require a csrf token' do
login_as(user)
post(destroy_user_session_path, headers: { 'X-CSRF-Token' => 'invalid' })
expect(response).to redirect_to(new_user_session_path)
end
end
end
|