test: refresh token rotation, logout revocation, login refresh token

2026-06-11 14:42:39 +02:00
parent 96c753c2c6
commit 4f0f44dec3
5 changed files with 164 additions and 8 deletions
--- a/crates/application/src/auth/refresh.rs
+++ b/crates/application/src/auth/refresh.rs
@@ -23,18 +23,12 @@ pub async fn execute(
        .ok_or_else(|| DomainError::Unauthorized("Invalid refresh token".into()))?;

    if session.expires_at < Utc::now() {
-        ctx.repos
-            .refresh_session
-            .revoke(old_refresh_token)
-            .await?;
+        ctx.repos.refresh_session.revoke(old_refresh_token).await?;
        return Err(DomainError::Unauthorized("Refresh token expired".into()));
    }

    // Revoke old token (rotation)
-    ctx.repos
-        .refresh_session
-        .revoke(old_refresh_token)
-        .await?;
+    ctx.repos.refresh_session.revoke(old_refresh_token).await?;

    // Generate new access token
    let generated = ctx.services.auth.generate_token(&session.user_id).await?;
@@ -57,3 +51,7 @@ pub async fn execute(
        expires_at: generated.expires_at,
    })
 }
+
+#[cfg(test)]
+#[path = "tests/refresh.rs"]
+mod tests;