Files
app/src/__tests__/auth.test.ts
2026-03-24 19:59:14 +01:00

53 lines
1.3 KiB
TypeScript

import { describe, it, expect, beforeAll, afterAll } from "vitest";
import { buildApp, extractCookie } from "./helpers";
let app: Awaited<ReturnType<typeof buildApp>>;
beforeAll(async () => {
app = await buildApp();
});
afterAll(async () => {
await app.close();
});
describe("POST /api/admin/login", () => {
it("returns 401 for invalid credentials", async () => {
const res = await app.inject({
method: "POST",
url: "/api/admin/login",
payload: { username: "nonexistent", password: "wrong" },
});
expect(res.statusCode).toBe(401);
expect(res.json().success).toBe(false);
});
it("returns 400 for missing fields", async () => {
const res = await app.inject({
method: "POST",
url: "/api/admin/login",
payload: {},
});
expect(res.statusCode).toBe(400);
});
});
describe("POST /api/admin/refresh", () => {
it("returns 401 without refresh token", async () => {
const res = await app.inject({
method: "POST",
url: "/api/admin/refresh",
});
expect(res.statusCode).toBe(401);
});
});
describe("POST /api/admin/logout", () => {
it("clears refresh token cookie", async () => {
const res = await app.inject({
method: "POST",
url: "/api/admin/logout",
});
expect(res.statusCode).toBeLessThan(500);
});
});