makiolaj/GearBox
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 10 Wiki Activity

feat(28-01): add account management routes for password, email, and deletion

Browse Source 
Creates /api/account routes with password change (verifies current first),
email update, has-password check, and account deletion with public setup
anonymization. Adds Zod validation schemas and registers routes in index.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jean-Luc Makiola
2026-04-12 17:47:17 +02:00
parent fcd8279d79
commit e8207a33f9
5 changed files with 220 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
tests/services/logto.service.test.ts
View File

@@ -28,7 +28,11 @@ describe("LogtoManagementClient", () => {
}
// GET user
if (url.includes("/api/users/") && options.method === "GET" && !url.includes("has-password")) {
if (
url.includes("/api/users/") &&
options.method === "GET" &&
!url.includes("has-password")
) {
return Promise.resolve(
new Response(
JSON.stringify({
@@ -112,9 +116,7 @@ describe("LogtoManagementClient", () => {
await client.getAccessToken();
// Only one call to token endpoint — second call uses cache
const tokenCalls = fetchCalls.filter((c) =>
c.url.includes("/oidc/token"),
);
const tokenCalls = fetchCalls.filter((c) => c.url.includes("/oidc/token"));
expect(tokenCalls.length).toBe(1);
});
@@ -128,9 +130,7 @@ describe("LogtoManagementClient", () => {
await client.getAccessToken();
const tokenCalls = fetchCalls.filter((c) =>
c.url.includes("/oidc/token"),
);
const tokenCalls = fetchCalls.filter((c) => c.url.includes("/oidc/token"));
expect(tokenCalls.length).toBe(2);
});
@@ -147,7 +147,7 @@ describe("LogtoManagementClient", () => {
test("verifyPassword returns false on 422", async () => {
// Override fetch for this specific test
globalThis.fetch = mock((url: string, options: RequestInit) => {
globalThis.fetch = mock((url: string, _options: RequestInit) => {
if (url.includes("/oidc/token")) {
return Promise.resolve(
new Response(
@@ -218,8 +218,7 @@ describe("LogtoManagementClient", () => {
const deleteCall = fetchCalls.find(
(c) =>
c.url.includes("/api/users/sub-123") &&
c.options.method === "DELETE",
c.url.includes("/api/users/sub-123") && c.options.method === "DELETE",
);
expect(deleteCall).toBeDefined();
});
@@ -251,16 +250,13 @@ describe("LogtoManagementClient", () => {
// Token call should go to https://logto.example.com/oidc/token
const tokenCall = fetchCalls.find((c) => c.url.includes("/oidc/token"));
expect(tokenCall!.url).toBe(
"https://logto.example.com/oidc/token",
);
expect(tokenCall!.url).toBe("https://logto.example.com/oidc/token");
// API call should go to https://logto.example.com/api/users/test-sub
const apiCall = fetchCalls.find(
(c) => c.url.includes("/api/users/test-sub") && c.options.method === "GET",
);
expect(apiCall!.url).toBe(
"https://logto.example.com/api/users/test-sub",
(c) =>
c.url.includes("/api/users/test-sub") && c.options.method === "GET",
);
expect(apiCall!.url).toBe("https://logto.example.com/api/users/test-sub");
});
});