start acceptance tests for sessions

services/web/README.md

@@ -42,3 +42,11 @@ in the `public/img/iconshock` directory found via
 [findicons.com](http://findicons.com/icon/498089/height?id=526085#)
 
 
+## Acceptance Tests
+
+To run the Acceptance tests:
+
+- set `allowPublicAccess` to true, either in the configuration file,
+  or by setting the environment variable `SHARELATEX_ALLOW_PUBLIC_ACCESS` to `true`
+- start the server (`grunt`)
+- in a separate terminal, run `grunt test:acceptance`

services/web/test/acceptance/coffee/SessionTests.coffee

@@ -0,0 +1,51 @@
+expect = require("chai").expect
+async = require("async")
+User = require "./helpers/User"
+request = require "./helpers/request"
+settings = require "settings-sharelatex"
+redis = require "./helpers/redis"
+
+describe "Sessions", ->
+	before (done) ->
+		@timeout(10000)
+		@user1 = new User()
+		@site_admin = new User({email: "admin@example.com"})
+		async.series [
+			(cb) => @user1.login cb
+			(cb) => @user1.logout cb
+		], done
+
+	describe "one session", ->
+
+		it "should have one session in UserSessions", (done) ->
+			async.series(
+				[
+					(next) =>
+						redis.clearUserSessions @user1, next
+
+					# login, should add session to set
+					, (next) =>
+						@user1.login (err) ->
+							next(err)
+
+					, (next) =>
+						redis.getUserSessions @user1, (err, sessions) =>
+							expect(sessions.length).to.equal 1
+							expect(sessions[0].slice(0, 5)).to.equal 'sess:'
+							next()
+
+					# logout, should remove session from set
+					, (next) =>
+						@user1.logout (err) ->
+							next(err)
+
+					, (next) =>
+						redis.getUserSessions @user1, (err, sessions) =>
+							expect(sessions.length).to.equal 0
+							next()
+
+				], (err, result) =>
+					if err
+						throw err
+					done()
+			)

services/web/test/acceptance/coffee/helpers/User.coffee

@@ -27,11 +27,28 @@ class User
 				db.users.findOne {email: @email}, (error, user) =>
 					return callback(error) if error?
 					@id = user?._id?.toString()
+					@_id = user?._id?.toString()
 					callback()
-	
+
+	logout: (callback = (error) ->) ->
+		@getCsrfToken (error) =>
+			return callback(error) if error?
+			@request.get {
+				url: "/logout" # Register will log in, but also ensure user exists
+				json:
+					email: @email
+					password: @password
+			}, (error, response, body) =>
+				return callback(error) if error?
+				db.users.findOne {email: @email}, (error, user) =>
+					return callback(error) if error?
+					@id = user?._id?.toString()
+					@_id = user?._id?.toString()
+					callback()
+
 	ensure_admin: (callback = (error) ->) ->
 		db.users.update {_id: ObjectId(@id)}, { $set: { isAdmin: true }}, callback
-	
+
 	createProject: (name, callback = (error, project_id) ->) ->
 		@request.post {
 			url: "/project/new",

services/web/test/acceptance/coffee/helpers/redis.coffee

@@ -0,0 +1,27 @@
+Settings = require('settings-sharelatex')
+redis = require('redis-sharelatex')
+logger = require("logger-sharelatex")
+Async = require('async')
+
+rclient = redis.createClient(Settings.redis.web)
+
+module.exports =
+
+	getUserSessions: (user, callback=(err, sessionsSet)->) ->
+		rclient.smembers "UserSessions:#{user._id}", (err, result) ->
+			return callback(err, result)
+
+	clearUserSessions: (user, callback=(err)->) ->
+		sessionSetKey = "UserSessions:#{user._id}"
+		rclient.smembers sessionSetKey, (err, sessionKeys) ->
+			if err
+				return callback(err)
+			if sessionKeys.length == 0
+				return callback(null)
+			rclient.multi()
+				.del(sessionKeys)
+				.srem(sessionSetKey, sessionKeys)
+				.exec (err, result) ->
+					if err
+						return callback(err)
+					callback(null)