public function testDeleteSessionMissingCsrfToken()
{
$session = $this->login();
$request = $this->createDeleteRequest($session);
$this->removeCsrfHeader($request);
$response = $this->sendHttpRequest($request);
self::assertHttpResponseCodeEquals($response, 401);
}