[6.x] Make /api/security/v1/login to return 204 status code if no payload is provided. (#21406)

x-pack/plugins/security/server/routes/api/v1/__tests__/authenticate.js

@@ -64,6 +64,9 @@ describe('Authentication routes', () => {
             username: Joi.string().required(),
             password: Joi.string().required()
           }
+        },
+        response: {
+          emptyStatusCode: 204,
         }
       });
     });

x-pack/plugins/security/server/routes/api/v1/authenticate.js

@@ -23,6 +23,9 @@ export function initAuthenticateApi(server) {
           username: Joi.string().required(),
           password: Joi.string().required()
         }
+      },
+      response: {
+        emptyStatusCode: 204,
       }
     },
     async handler(request, reply) {

x-pack/test/api_integration/apis/security/basic_login.js

@@ -54,7 +54,7 @@ export default function ({ getService }) {
       const loginResponse = await supertest.post('/api/security/v1/login')
         .set('kbn-xsrf', 'xxx')
         .send({ username: validUsername, password: validPassword })
-        .expect(200);
+        .expect(204);
 
       const cookies = loginResponse.headers['set-cookie'];
       expect(cookies).to.have.length(1);
@@ -111,7 +111,7 @@ export default function ({ getService }) {
         const loginResponse = await supertest.post('/api/security/v1/login')
           .set('kbn-xsrf', 'xxx')
           .send({ username: validUsername, password: validPassword })
-          .expect(200);
+          .expect(204);
 
         sessionCookie = request.cookie(loginResponse.headers['set-cookie'][0]);
       });