def test_access_denied_with_invalidated_session(user_id: UserId) -> None:
session_id = userdb.on_succeeded_login(user_id)
assert session_id in userdb._load_session_infos(user_id)
userdb.on_access(user_id, session_id)
userdb.on_logout(user_id, session_id)
assert not userdb._load_session_infos(user_id)
with pytest.raises(MKAuthException, match="Invalid user session"):
userdb.on_access(user_id, session_id)
def page(self) -> None:
assert config.user.id is not None
_invalidate_auth_session()
session_id = _get_session_id_from_cookie(config.user.id)
userdb.on_logout(config.user.id, session_id)
if auth_type == 'cookie':
raise HTTPRedirect(config.url_prefix() + 'check_mk/login.py')
# Implement HTTP logout with cookie hack
if not html.request.has_cookie('logout'):
html.response.headers['WWW-Authenticate'] = (
'Basic realm="OMD Monitoring Site %s"' % config.omd_site())
html.response.set_http_cookie('logout', '1')
raise FinalizeRequest(http.client.UNAUTHORIZED)
html.response.delete_cookie('logout')
raise HTTPRedirect(config.url_prefix() + 'check_mk/')
def page(self) -> None:
assert user.id is not None
_invalidate_auth_session()
session_id = _get_session_id_from_cookie(user.id,
revalidate_cookie=True)
userdb.on_logout(user.id, session_id)
if auth_type == "cookie": # type: ignore[has-type]
raise HTTPRedirect(url_prefix() + "check_mk/login.py")
# Implement HTTP logout with cookie hack
if not request.has_cookie("logout"):
response.headers["WWW-Authenticate"] = (
'Basic realm="OMD Monitoring Site %s"' % omd_site())
response.set_http_cookie("logout", "1", secure=request.is_secure)
raise FinalizeRequest(http.client.UNAUTHORIZED)
response.delete_cookie("logout")
raise HTTPRedirect(url_prefix() + "check_mk/")
def test_on_logout_invalidate_session(user_id: UserId) -> None:
session_id = userdb.on_succeeded_login(user_id)
assert session_id in userdb._load_session_infos(user_id)
userdb.on_logout(user_id, session_id)
assert not userdb._load_session_infos(user_id)
def test_on_logout_no_session(user_id: UserId) -> None:
assert userdb.on_succeeded_login(user_id)
assert userdb._load_session_infos(user_id)
userdb.on_logout(user_id, session_id="")
assert userdb._load_session_infos(user_id)
