feat(15-03): update E2E seed and auth tests for OIDC architecture

- E2E seed creates API key instead of user for authentication - Auth service tests cover only API key CRUD (removed user/session tests) - Auth middleware tests validate three-way auth: API key, Bearer token, OIDC session - Auth route tests mock getAuth for OIDC session, test /me and /keys endpoints - Remove all references to createUser, verifyPassword, createSession in auth tests
2026-04-04 20:54:18 +02:00
parent 79b27b6bcc
commit 689a56b2b7
4 changed files with 167 additions and 216 deletions
--- a/tests/services/auth.service.test.ts
+++ b/tests/services/auth.service.test.ts
@@ -1,16 +1,9 @@
 import { beforeEach, describe, expect, it } from "bun:test";
 import {
-	changePassword,
 	createApiKey,
-	createSession,
-	createUser,
 	deleteApiKey,
-	deleteSession,
-	getSession,
-	getUserCount,
 	listApiKeys,
 	verifyApiKey,
-	verifyPassword,
 } from "../../src/server/services/auth.service.ts";
 import { createTestDb } from "../helpers/db.ts";

@@ -21,102 +14,6 @@ describe("Auth Service", () => {
 		db = createTestDb();
 	});

-	describe("User Management", () => {
-		it("creates a user with hashed password (hash !== plaintext)", async () => {
-			const user = await createUser(db, "admin", "secret123");
-
-			expect(user).toBeDefined();
-			expect(user.id).toBeGreaterThan(0);
-			expect(user.username).toBe("admin");
-			expect(user.passwordHash).not.toBe("secret123");
-			expect(user.passwordHash.length).toBeGreaterThan(0);
-		});
-
-		it("verifies correct password returns user", async () => {
-			await createUser(db, "admin", "secret123");
-			const user = await verifyPassword(db, "admin", "secret123");
-
-			expect(user).not.toBeNull();
-			expect(user!.username).toBe("admin");
-		});
-
-		it("rejects incorrect password returns null", async () => {
-			await createUser(db, "admin", "secret123");
-			const user = await verifyPassword(db, "admin", "wrongpassword");
-
-			expect(user).toBeNull();
-		});
-
-		it("getUserCount returns 0 then 1", async () => {
-			const countBefore = getUserCount(db);
-			expect(countBefore).toBe(0);
-
-			await createUser(db, "admin", "secret123");
-
-			const countAfter = getUserCount(db);
-			expect(countAfter).toBe(1);
-		});
-
-		it("changes password successfully", async () => {
-			await createUser(db, "admin", "oldpass");
-			const changed = await changePassword(db, "admin", "oldpass", "newpass");
-			expect(changed).toBe(true);
-
-			// Verify new password works
-			const user = await verifyPassword(db, "admin", "newpass");
-			expect(user).not.toBeNull();
-
-			// Verify old password no longer works
-			const oldAttempt = await verifyPassword(db, "admin", "oldpass");
-			expect(oldAttempt).toBeNull();
-		});
-
-		it("rejects password change with wrong current password", async () => {
-			await createUser(db, "admin", "secret123");
-			const changed = await changePassword(
-				db,
-				"admin",
-				"wrongcurrent",
-				"newpass",
-			);
-			expect(changed).toBe(false);
-		});
-	});
-
-	describe("Session Management", () => {
-		it("creates and retrieves a session (id length is 64 hex chars)", async () => {
-			const user = await createUser(db, "admin", "secret123");
-			const session = createSession(db, user.id);
-
-			expect(session).toBeDefined();
-			expect(session.id).toHaveLength(64);
-			expect(session.userId).toBe(user.id);
-			expect(session.expiresAt).toBeInstanceOf(Date);
-
-			const retrieved = getSession(db, session.id);
-			expect(retrieved).not.toBeNull();
-			expect(retrieved!.id).toBe(session.id);
-		});
-
-		it("returns null for expired session (expiryDays = -1)", async () => {
-			const user = await createUser(db, "admin", "secret123");
-			const session = createSession(db, user.id, -1);
-
-			const retrieved = getSession(db, session.id);
-			expect(retrieved).toBeNull();
-		});
-
-		it("deletes a session", async () => {
-			const user = await createUser(db, "admin", "secret123");
-			const session = createSession(db, user.id);
-
-			deleteSession(db, session.id);
-
-			const retrieved = getSession(db, session.id);
-			expect(retrieved).toBeNull();
-		});
-	});
-
 	describe("API Key Management", () => {
 		it("creates key and returns raw key once (length > 16, prefix matches first 8 chars)", async () => {
 			const result = await createApiKey(db, "test-key");