A user logs out

apps/web/config/routes.rb

@@ -4,3 +4,5 @@
 
 resources :users, only: %i[new create]
 resources :sessions, only: %i[new create]
+
+delete 'sessions', as: 'logout'

apps/web/controllers/sessions/destroy.rb

@@ -0,0 +1,23 @@
+module Web
+  module Controllers
+    module Sessions
+      class Destroy
+        include Web::Action
+
+        prepend_before :skip_authentication!
+
+        def call(_params)
+          process
+        end
+
+        private
+
+        def process
+          warden.logout
+          flash[:notice] = 'Successfully logged out'
+          redirect_to routes.root_path
+        end
+      end
+    end
+  end
+end

spec/web/config/routes_spec.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+RSpec.describe Web.routes do
+  describe 'DELETE session' do
+    let(:generated_path) { described_class.path(:logout) }
+    let(:env) { Rack::MockRequest.env_for('/sessions', method: 'DELETE') }
+    let(:route) { described_class.recognize(env) }
+
+    it 'has a generated path' do
+      expect(generated_path).to eq('/sessions')
+    end
+
+    it 'is a recognisable route' do
+      expect(route).to be_routable
+      expect(route.path).to eq('/sessions')
+      expect(route.verb).to eq('DELETE')
+    end
+  end
+end

spec/web/controllers/sessions/destroy_spec.rb

@@ -0,0 +1,21 @@
+RSpec.describe Web::Controllers::Sessions::Destroy, type: :action do
+  let(:action)   { described_class.new }
+  let(:response) { action.call(params) }
+  let(:params)   { Hash[] }
+  let(:warden)   { instance_double Warden::Proxy }
+
+  before do
+    allow(action).to receive(:warden).and_return(warden)
+    allow(warden).to receive(:logout)
+    allow(warden).to receive(:user)
+    response
+  end
+
+  it 'calls the `logout` method on warden' do
+    expect(warden).to have_received(:logout)
+  end
+
+  it 'returns the correct response code' do
+    expect(response[0]).to eq 302
+  end
+end