From 9a9fbcc39807be58fd4fc192a849ab663341112c Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Sat, 23 Jan 2021 18:22:43 -0600
Subject: [PATCH] sessions: fix error when an anonymous user tried to logout.

Fix an exception when a user who was already logged out tried to logout
again.
---
 app/logical/session_loader.rb               |  1 +
 test/functional/sessions_controller_test.rb | 15 +++++++++++----
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/app/logical/session_loader.rb b/app/logical/session_loader.rb
index c3c4bcac1..b3b8ce6f9 100644
--- a/app/logical/session_loader.rb
+++ b/app/logical/session_loader.rb
@@ -31,6 +31,7 @@ class SessionLoader
 
   def logout
     session.delete(:user_id)
+    return if CurrentUser.user.is_anonymous?
     UserEvent.create_from_request!(CurrentUser.user, :logout, request)
   end
 
diff --git a/test/functional/sessions_controller_test.rb b/test/functional/sessions_controller_test.rb
index 7e233b924..29b3dbff6 100644
--- a/test/functional/sessions_controller_test.rb
+++ b/test/functional/sessions_controller_test.rb
@@ -75,18 +75,25 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
     end
 
     context "destroy action" do
-      setup do
-        delete_auth session_path, @user
-      end
-
       should "clear the session" do
+        delete_auth session_path, @user
+
         assert_redirected_to posts_path
         assert_nil(session[:user_id])
       end
 
       should "generate a logout event" do
+        delete_auth session_path, @user
+
         assert_equal(true, @user.user_events.logout.exists?)
       end
+
+      should "not fail if the user is already logged out" do
+        delete session_path
+
+        assert_redirected_to posts_path
+        assert_nil(session[:user_id])
+      end
     end
 
     context "sign_out action" do