In an early prototype of AuthN, I was anticipating more HTTP redirection logic and built SessionsController#destroy accordingly. But AuthN is currently doing well as a pure JavaScript API, and when XmlHttpRequests automatically follow the redirect, unnecessary things happen.
This cleans up a bit. The first step was removing the redirect logic in the controller. The second step was recognizing that this route was a GET only for redirect purposes and should now be a DELETE. The third step was deciding that since the API contract is changing, I may as well properly singularize the /session resource.
Coverage decreased (-0.009%) to 99.379% when pulling 0aecd1197f73eda9747f5190583b996ab191b291 on logout_api into 3c7e12a1a37bb580d48f6b75067a7fc2b0b9ee96 on master.
In an early prototype of AuthN, I was anticipating more HTTP redirection logic and built
SessionsController#destroy
accordingly. But AuthN is currently doing well as a pure JavaScript API, and when XmlHttpRequests automatically follow the redirect, unnecessary things happen.This cleans up a bit. The first step was removing the redirect logic in the controller. The second step was recognizing that this route was a
GET
only for redirect purposes and should now be aDELETE
. The third step was deciding that since the API contract is changing, I may as well properly singularize the/session
resource.fixes #45