test: add auth flow integration tests
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
48
src/__tests__/auth.test.ts
Normal file
48
src/__tests__/auth.test.ts
Normal file
@@ -0,0 +1,48 @@
|
||||
import { describe, it, expect, beforeAll, afterAll } from 'vitest';
|
||||
import { buildApp, extractCookie } from './helpers';
|
||||
|
||||
let app: Awaited<ReturnType<typeof buildApp>>;
|
||||
|
||||
beforeAll(async () => { app = await buildApp(); });
|
||||
afterAll(async () => { await app.close(); });
|
||||
|
||||
describe('POST /api/admin/login', () => {
|
||||
it('returns 401 for invalid credentials', async () => {
|
||||
const res = await app.inject({
|
||||
method: 'POST',
|
||||
url: '/api/admin/login',
|
||||
payload: { username: 'nonexistent', password: 'wrong' },
|
||||
});
|
||||
expect(res.statusCode).toBe(401);
|
||||
expect(res.json().success).toBe(false);
|
||||
});
|
||||
|
||||
it('returns 400 for missing fields', async () => {
|
||||
const res = await app.inject({
|
||||
method: 'POST',
|
||||
url: '/api/admin/login',
|
||||
payload: {},
|
||||
});
|
||||
expect(res.statusCode).toBe(400);
|
||||
});
|
||||
});
|
||||
|
||||
describe('POST /api/admin/refresh', () => {
|
||||
it('returns 401 without refresh token', async () => {
|
||||
const res = await app.inject({
|
||||
method: 'POST',
|
||||
url: '/api/admin/refresh',
|
||||
});
|
||||
expect(res.statusCode).toBe(401);
|
||||
});
|
||||
});
|
||||
|
||||
describe('POST /api/admin/logout', () => {
|
||||
it('clears refresh token cookie', async () => {
|
||||
const res = await app.inject({
|
||||
method: 'POST',
|
||||
url: '/api/admin/logout',
|
||||
});
|
||||
expect(res.statusCode).toBeLessThan(500);
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user