From e9108c05d5b1da48947776ef3d03e8790c13eebf Mon Sep 17 00:00:00 2001
From: Phil Skentelbery <phil@thesatelliteoflove.com>
Date: Mon, 22 Dec 2025 11:59:11 -0700
Subject: [PATCH] feat: add logout button to admin interface (Story 1.4)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add logout button to admin dashboard and test to verify its presence.
This completes the missing acceptance criterion for Story 1.4:
"Logout option available from admin interface"

Changes:
- Add logout form with CSRF protection to dashboard header
- Add integration test to verify logout button is present
- All tests pass (24/24)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/templates/admin/dashboard.html    |  4 ++++
 tests/integration/test_admin_login.py | 26 ++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/src/templates/admin/dashboard.html b/src/templates/admin/dashboard.html
index bb68aba..947c0d9 100644
--- a/src/templates/admin/dashboard.html
+++ b/src/templates/admin/dashboard.html
@@ -6,6 +6,10 @@
 <article>
     <header>
         <h1>Admin Dashboard</h1>
+        <form method="POST" action="{{ url_for('admin.logout') }}" style="display: inline;">
+            <input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
+            <button type="submit" class="secondary">Logout</button>
+        </form>
     </header>
 
     <p>Welcome to the Sneaky Klaus admin dashboard!</p>
diff --git a/tests/integration/test_admin_login.py b/tests/integration/test_admin_login.py
index fe6925e..6e6e2f2 100644
--- a/tests/integration/test_admin_login.py
+++ b/tests/integration/test_admin_login.py
@@ -354,3 +354,29 @@ class TestAdminLogin:
         )
         assert response.status_code == 200
         assert b"required" in response.data.lower()
+
+    def test_logout_option_available_in_admin_interface(self, client, db, admin):  # noqa: ARG002
+        """Test that logout option is available from admin interface.
+
+        Acceptance Criteria (Story 1.4):
+        - Logout option available from admin interface
+        """
+        # Login first
+        client.post(
+            "/admin/login",
+            data={
+                "email": "admin@example.com",
+                "password": "testpassword123",
+            },
+            follow_redirects=False,
+        )
+
+        # Access admin dashboard
+        response = client.get("/admin/dashboard", follow_redirects=False)
+        assert response.status_code == 200
+
+        # Verify logout button/link is present
+        # Check for logout form posting to /admin/logout
+        assert b"/admin/logout" in response.data
+        # Check for logout text in button or link
+        assert b"logout" in response.data.lower() or b"log out" in response.data.lower()