From ceb392fc8dbaa7a2eaaff899ccb279c6d3918d5a Mon Sep 17 00:00:00 2001
From: Yisroel Baum <yisroel.d.baum@gmail.com>
Date: Sat, 16 May 2026 21:31:03 +0300
Subject: [PATCH] test: add failing logout test

Red phase: LogoutTest covers deleting existing session and no-op for unknown token.
---
 .../tests/Unit/Auth/UseCases/LogoutTest.php   | 53 +++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 backend/tests/Unit/Auth/UseCases/LogoutTest.php

diff --git a/backend/tests/Unit/Auth/UseCases/LogoutTest.php b/backend/tests/Unit/Auth/UseCases/LogoutTest.php
new file mode 100644
index 0000000..7f83b75
--- /dev/null
+++ b/backend/tests/Unit/Auth/UseCases/LogoutTest.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace Tests\Unit\Auth\UseCases;
+
+use App\Auth\CreateSessionDto;
+use App\Auth\UseCases\Logout\Logout;
+use App\Shared\ValueObject\EmailAddress;
+use App\User\CreateUserDto;
+use DateTimeImmutable;
+use PHPUnit\Framework\TestCase;
+use Tests\Fakes\FakeSessionRepository;
+use Tests\Fakes\FakeUserRepository;
+
+class LogoutTest extends TestCase
+{
+    private FakeSessionRepository $sessionRepo;
+    private Logout $useCase;
+
+    protected function setUp(): void
+    {
+        $this->sessionRepo = new FakeSessionRepository();
+        $this->useCase = new Logout($this->sessionRepo);
+
+        $userRepo = new FakeUserRepository();
+        $user = $userRepo->create(new CreateUserDto(
+            email: new EmailAddress('user@example.com'),
+            passwordHash: 'hashed:password',
+        ));
+
+        $this->sessionRepo->create(new CreateSessionDto(
+            token: 'session-token',
+            user: $user,
+            createdAt: new DateTimeImmutable('2026-05-16 12:00:00'),
+            expiresAt: new DateTimeImmutable('2026-05-23 12:00:00'),
+        ));
+    }
+
+    public function testDeletesSessionByToken(): void
+    {
+        $this->useCase->execute('session-token');
+
+        $this->assertNull(
+            $this->sessionRepo->findByToken('session-token'),
+        );
+    }
+
+    public function testDoesNotThrowForUnknownToken(): void
+    {
+        $this->useCase->execute('nonexistent-token');
+
+        $this->assertTrue(true);
+    }
+}