From e31b68197ec16d2805ec14c2bf532a03f4739e92 Mon Sep 17 00:00:00 2001
From: Adam Mathes <adam@adammathes.com>
Date: Fri, 13 Feb 2026 07:01:40 -0800
Subject: Implement Frontend Logout with tests

---
 web/web_test.go | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

(limited to 'web/web_test.go')

diff --git a/web/web_test.go b/web/web_test.go
index a73a6c9..156bbef 100644
--- a/web/web_test.go
+++ b/web/web_test.go
@@ -356,6 +356,32 @@ func TestApiAuthStatusHandlerAuthenticated(t *testing.T) {
 	if body != `{"status":"ok", "authenticated":true}` {
 		t.Errorf("Expected authenticated true, got %q", body)
 	}
+
+	// Test Logout
+	req, _ = http.NewRequest("POST", "/api/logout", nil)
+	rr = httptest.NewRecorder()
+	handler := http.HandlerFunc(apiLogoutHandler)
+	handler.ServeHTTP(rr, req)
+
+	if status := rr.Code; status != http.StatusOK {
+		t.Errorf("logout handler returned wrong status code: got %v want %v",
+			status, http.StatusOK)
+	}
+
+	// Verify cookie is cleared
+	cookies := rr.Result().Cookies()
+	found := false
+	for _, c := range cookies {
+		if c.Name == AuthCookie {
+			found = true
+			if c.MaxAge != -1 {
+				t.Errorf("auth cookie not expired: got MaxAge %v want -1", c.MaxAge)
+			}
+		}
+	}
+	if !found {
+		t.Errorf("auth cookie not found in response")
+	}
 }
 
 func TestApiAuthStatusHandlerUnauthenticated(t *testing.T) {
-- 
cgit v1.2.3