test: add authentication library tests#148
Conversation
jakebromberg
force-pushed
the
test/03-auth-lib
branch
from
cacde0a to
991926c
Compare
Deploying wxyc-dj with
|
| Latest commit: |
0b5c713
|
| Status: | 🚫 Build failed. |
JacksonMeade
left a comment
JacksonMeade
left a comment
There was a problem hiding this comment.
Some of the tests here are focused, clean and nice. Others, I feel, are testing the better-auth library more than our own usage of it, and that is not our responsibility to test. There are also some nits about naming and file separation, and I wish the PR gave a more comprehensive overview of the changes made here, especially where files have been modified.
|
|
||
| afterEach(() => { | ||
| process.env = originalEnv; | ||
| }); |
There was a problem hiding this comment.
I'm confused by this environment switching - what does this do? It appears to re-serialize the environment into itself
There was a problem hiding this comment.
Agreed, this was confusing. The process.env = { ...originalEnv } in beforeEach was unnecessary since afterEach already restores it. Removed in c4a99a3.
| ]), | ||
| }) | ||
| ); | ||
| }); |
There was a problem hiding this comment.
These tests appear to be testing better-auth's behavior, not our implementations of it. Are these tests necessary?
There was a problem hiding this comment.
i.e., shouldn't we have tests that verify that the necessary plugins for the backend are present in the actual client that gets created, rather than one that gets mocked?
There was a problem hiding this comment.
Agreed. Replaced the mock-shape tests (authClient export checks, plugin factory call assertions, fetchOptions verification) with a single test that verifies the captured config has the expected structure: 3 plugins, credentials include, and a defined baseURL. The getJWTToken and getBaseURL tests stay since those exercise our actual logic.
There was a problem hiding this comment.
Good point. The new single config test does exactly this - it captures the config object passed to createAuthClient and asserts on the plugin list, credentials, and baseURL. It verifies what we configure, not what better-auth does with it.
| expect(capturedConfig?.baseURL).toBe("http://localhost:3001/auth"); | ||
| }); | ||
| }); | ||
| }); |
There was a problem hiding this comment.
In my opinion, these tests need to be reevaluated for whether they test the library or the code. Further, the most breakable part of our implementation with the server-client is the verify-email route, which requires special session forwarding due to the JWT + admin client disconnect on using baseUrl. So we should simplify the client tests to be better scoped to our usages of those clients.
There was a problem hiding this comment.
Done. Removed the mock-shape blocks (serverAuthClient export, plugin configuration, weak base URL configuration). Replaced with a single config verification test. Kept the getBaseURL header-based URL construction tests since those exercise our actual branching logic. Verify-email route testing is noted as a follow-up in the updated PR description.
| expect(mockRedirect).not.toHaveBeenCalled(); | ||
| }); | ||
| }); | ||
| }); |
There was a problem hiding this comment.
These tests are, I think, the real meat of what needs to be tested in the role system. They don't so much test server utilities as role-based-access-control and good session carryover. They also rely on mocking, while I think we need to really look at redirect behavior. These tests are good, but should be better separated out into different files that describe their actual tested behavior.
There was a problem hiding this comment.
Agreed on all counts. Split into four focused files: server-session.test.ts (getServerSession + requireAuth), rbac.test.ts (checkRole + requireRole), user-completeness.test.ts (isUserIncomplete + getIncompleteUserAttributes), and user-mapping.test.ts (getUserFromSession). The file names now describe the tested behavior rather than the source module.
| const data: AuthenticatedUser = { | ||
| user: { | ||
| username: "testuser", | ||
| email: "test@example.com", |
There was a problem hiding this comment.
These tests should rely on the central repo of mock users rather than being on their own.
There was a problem hiding this comment.
Done. All inline mock user objects replaced with createTestAuthenticatedUser(), createTestIncompleteUser(), and createTestPasswordResetUser() from test-utils.
| ])('should map "%s" to SM (full access)', (role, expected) => { | ||
| expect(mapRoleToAuthorization(role)).toBe(expected); | ||
| }); | ||
| }); |
| }); | ||
|
|
||
| it("should map 'custom:dj-name' to 'djName'", () => { | ||
| expect(djAttributeNames["custom:dj-name"]).toBe("djName"); |
There was a problem hiding this comment.
This expectation carries over from cognito and is no longer relevant. So I think this points to a need to perform a clean-up re:cognito-based code.
There was a problem hiding this comment.
Removed the djAttributeNames and modifiableAttributeNames tests, and also removed those Cognito-era exports from types.ts itself along with the dead import in authenticationHooks.ts.
| expect(result).toEqual({}); | ||
| expect(result.authority).toBe(Authorization.NO); | ||
| }); | ||
| }); |
There was a problem hiding this comment.
This cleans up this code very nicely and tests real functionality. However, I wish the PR description had better informed me of these changes.
There was a problem hiding this comment.
Fair point. Updated the PR description to call out the non-test file changes (Cognito removal from types.ts and authenticationHooks.ts, api.test.ts deletion) and note verify-email route testing as a follow-up.
| expect(runtime).toBe("edge"); | ||
| }); | ||
| }); | ||
| }); |
Remove mock-shape tests that only verify mocks return what they were told. Replace with single configuration verification tests using captured config objects. Split monolithic server-utils.test.ts (705 lines) into four focused files: server-session, rbac, user-completeness, and user-mapping. Remove Cognito-era exports (djAttributeNames, modifiableAttributeNames) from types.ts and dead import from authenticationHooks.ts. Centralize test data using BetterAuth session fixtures in test-utils. Remove over-explaining comments throughout test files.
Remove mock-shape tests that only verify mocks return what they were told. Replace with single configuration verification tests using captured config objects. Split monolithic server-utils.test.ts (705 lines) into four focused files: server-session, rbac, user-completeness, and user-mapping. Remove Cognito-era exports (djAttributeNames, modifiableAttributeNames) from types.ts and dead import from authenticationHooks.ts. Centralize test data using BetterAuth session fixtures in test-utils. Remove over-explaining comments throughout test files.
jakebromberg
force-pushed
the
test/03-auth-lib
branch
from
02c7259 to
7f3fcdc
Compare
Remove mock-shape tests that only verify mocks return what they were told. Replace with single configuration verification tests using captured config objects. Split monolithic server-utils.test.ts (705 lines) into four focused files: server-session, rbac, user-completeness, and user-mapping. Remove Cognito-era exports (djAttributeNames, modifiableAttributeNames) from types.ts and dead import from authenticationHooks.ts. Centralize test data using BetterAuth session fixtures in test-utils. Remove over-explaining comments throughout test files.
jakebromberg
force-pushed
the
test/03-auth-lib
branch
from
a0eab2a to
1e8aaad
Compare
Remove mock-shape tests that only verify mocks return what they were told. Replace with single configuration verification tests using captured config objects. Split monolithic server-utils.test.ts (705 lines) into four focused files: server-session, rbac, user-completeness, and user-mapping. Remove Cognito-era exports (djAttributeNames, modifiableAttributeNames) from types.ts and dead import from authenticationHooks.ts. Centralize test data using BetterAuth session fixtures in test-utils. Remove over-explaining comments throughout test files.
jakebromberg
force-pushed
the
test/03-auth-lib
branch
from
1e8aaad to
6e435dc
Compare
Remove mock-shape tests that only verify mocks return what they were told. Replace with single configuration verification tests using captured config objects. Split monolithic server-utils.test.ts (705 lines) into four focused files: server-session, rbac, user-completeness, and user-mapping. Remove Cognito-era exports (djAttributeNames, modifiableAttributeNames) from types.ts and dead import from authenticationHooks.ts. Centralize test data using BetterAuth session fixtures in test-utils. Remove over-explaining comments throughout test files.
jakebromberg
force-pushed
the
test/03-auth-lib
branch
from
f747ed4 to
b79f87f
Compare
- Add tests for auth client functionality - Add tests for server-client auth - Add tests for server utilities - Add tests for auth types validation - Add tests for auth utilities - Add tests for session management
Remove mock-shape tests that only verify mocks return what they were told. Replace with single configuration verification tests using captured config objects. Split monolithic server-utils.test.ts (705 lines) into four focused files: server-session, rbac, user-completeness, and user-mapping. Remove Cognito-era exports (djAttributeNames, modifiableAttributeNames) from types.ts and dead import from authenticationHooks.ts. Centralize test data using BetterAuth session fixtures in test-utils. Remove over-explaining comments throughout test files.
- Make checkRole/requireRole/getUserFromSession tests async (these functions use getUserAuthority which fetches from APP_ORGANIZATION) - Add organization-utils mock to rbac and user-mapping tests - Add organizationClient to server-client plugin mock - Update plugin assertions to include organization plugin - Simplify server-client getBaseURL tests to match main's env-only impl
- Fix createTestSessionWithRole to provide all required BetterAuthSession user fields instead of only { role }
- Fix session.test.ts: mock react cache function, mock organization-utils and authentication types, replace invalid runtime export test with module exports test
- Fix client.test.ts: add vi.resetModules() in beforeEach to prevent JWT token cache leaking between tests, update fetch-count test to clear cache between invocations
- Fix server-utils.ts: isUserIncomplete and getIncompleteUserAttributes now check both realName and djName (matching utilities.ts behavior and user-completeness.test.ts expectations)
- Update server-utils.test.ts to match corrected djName-checking behavior
jakebromberg
force-pushed
the
test/03-auth-lib
branch
from
b79f87f to
0b5c713
Compare
Remove mock-shape tests that only verify mocks return what they were told. Replace with single configuration verification tests using captured config objects. Split monolithic server-utils.test.ts (705 lines) into four focused files: server-session, rbac, user-completeness, and user-mapping. Remove Cognito-era exports (djAttributeNames, modifiableAttributeNames) from types.ts and dead import from authenticationHooks.ts. Centralize test data using BetterAuth session fixtures in test-utils. Remove over-explaining comments throughout test files.
2 participants
Closes #248
Summary
getJWTToken/getBaseURLbehaviorisAuthenticated,isIncomplete,isPasswordReset) andmapRoleToAuthorizationbetterAuthSessionToAuthenticationData,toUserFromBetterAuthJWT)Non-test changes
djAttributeNames,modifiableAttributeNames) fromtypes.tsauthenticationHooks.tsapi.test.ts(source file was already removed)Follow-up
Test plan
npx vitest run lib/__tests__/features/authentication/ lib/__tests__/features/session.test.ts-- 192 tests passing across 10 filesPart 3 of 26