fix: login endpoint

api/client.go

@@ -21,10 +21,10 @@ func NewClient(url, nonce, session, apiKey string) *Client {
 	return &Client{
 		sub: &http.Client{
 			Jar: jar,
-			// Don't follow redirections
-			CheckRedirect: func(_ *http.Request, _ []*http.Request) error {
-				return http.ErrUseLastResponse
-			},
+			// // Don't follow redirections
+			// CheckRedirect: func(_ *http.Request, _ []*http.Request) error {
+			// 	return http.ErrUseLastResponse
+			// },
 		},
 		url:     url,
 		nonce:   nonce,

api/login.go

@@ -5,8 +5,6 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
-
-	"github.com/pkg/errors"
 )
 
 type LoginParams struct {
@@ -35,7 +33,7 @@ func (client *Client) Login(params *LoginParams, opts ...Option) error {
 	}
 	defer res.Body.Close()
 
-	if res.StatusCode != http.StatusFound {
+	if res.StatusCode != http.StatusOK {
 		return fmt.Errorf("CTFd responded with status code %d", res.StatusCode)
 	}
 
@@ -45,12 +43,5 @@ func (client *Client) Login(params *LoginParams, opts ...Option) error {
 		return err
 	}
 	client.nonce = nonce
-
-	for _, cookie := range res.Cookies() {
-		if cookie.Name == "session" {
-			client.session = cookie.Value
-			return nil
-		}
-	}
-	return errors.New("session cookie not found")
+	return nil
 }

api/logout.go

@@ -3,8 +3,6 @@ package api
 import (
 	"fmt"
 	"net/http"
-
-	"github.com/pkg/errors"
 )
 
 func (client *Client) Logout(opts ...Option) error {
@@ -15,7 +13,7 @@ func (client *Client) Logout(opts ...Option) error {
 	}
 	defer res.Body.Close()
 
-	if res.StatusCode != http.StatusFound {
+	if res.StatusCode != http.StatusOK {
 		return fmt.Errorf("CTFd responded with status code %d", res.StatusCode)
 	}
 
@@ -25,12 +23,5 @@ func (client *Client) Logout(opts ...Option) error {
 		return err
 	}
 	client.nonce = nonce
-
-	for _, cookie := range res.Cookies() {
-		if cookie.Name == "session" {
-			client.session = cookie.Value
-			break
-		}
-	}
-	return errors.New("session cookie not found")
+	return nil
 }

api/register.go

@@ -2,7 +2,6 @@ package api
 
 import (
 	"bytes"
-	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -30,22 +29,11 @@ func (client *Client) Register(params *RegisterParams, opts ...Option) error {
 	}
 	defer res.Body.Close()
 
-	if res.StatusCode != http.StatusFound {
+	if res.StatusCode != http.StatusOK {
 		return fmt.Errorf("CTFd responded with status code %d, which could be due to email reuse", res.StatusCode)
 	}
 
 	// Update session to track user then fetch nonce for later API calls
-	cookieFound := false
-	for _, cookie := range res.Cookies() {
-		if cookie.Name == "session" {
-			client.session = cookie.Value
-			cookieFound = true
-			break
-		}
-	}
-	if !cookieFound {
-		return errors.New("session cookie not found, may be due to server misconfiguration (not setup yet) or API instability")
-	}
 	req, _ = http.NewRequest(http.MethodGet, "/", nil)
 	res, err = client.Do(req)
 	if err != nil {

api/reset.go

@@ -45,7 +45,7 @@ func (client *Client) Reset(params *ResetParams, opts ...Option) error {
 	}
 	defer res.Body.Close()
 
-	if res.StatusCode != http.StatusFound {
+	if res.StatusCode != http.StatusOK {
 		return fmt.Errorf("CTFd responded with status code %d", res.StatusCode)
 	}
 

api/setup_test.go

@@ -75,6 +75,21 @@ func Test_F_Setup(t *testing.T) {
 	}
 	client.SetAPIKey(*token.Value)
 
+	// 1d. Logout because we don't know what could happen with a mouse on the UI
+	err = client.Logout()
+	if !assert.Nil(err, "got error: %s", err) {
+		return
+	}
+
+	// 1e. Relog :)
+	err = client.Login(&api.LoginParams{
+		Name:     "ctfer",
+		Password: "password",
+	})
+	if !assert.Nil(err, "got error: %s", err) {
+		return
+	}
+
 	// 2. Create a challenge
 	chall, err := client.PostChallenges(&api.PostChallengesParams{
 		Name:           "Stealing data",