The executor agents wrote sync SQLite-style calls (.get(), .all(), .run()) instead of the async Postgres pattern established in Phase 14. Fixed: - auth.service.ts: use await + destructuring for all DB operations - auth routes: await listApiKeys - All auth test files: async createTestDb(), await service calls Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
69 lines
2.0 KiB
TypeScript
69 lines
2.0 KiB
TypeScript
import { beforeEach, describe, expect, it } from "bun:test";
|
|
import {
|
|
createApiKey,
|
|
deleteApiKey,
|
|
listApiKeys,
|
|
verifyApiKey,
|
|
} from "../../src/server/services/auth.service.ts";
|
|
import { createTestDb } from "../helpers/db.ts";
|
|
|
|
describe("Auth Service", () => {
|
|
let db: Awaited<ReturnType<typeof createTestDb>>;
|
|
|
|
beforeEach(async () => {
|
|
db = await createTestDb();
|
|
});
|
|
|
|
describe("API Key Management", () => {
|
|
it("creates key and returns raw key once (length > 16, prefix matches first 8 chars)", async () => {
|
|
const result = await createApiKey(db, "test-key");
|
|
|
|
expect(result).toBeDefined();
|
|
expect(result.rawKey).toBeDefined();
|
|
expect(result.rawKey.length).toBeGreaterThan(16);
|
|
expect(result.keyPrefix).toBe(result.rawKey.slice(0, 8));
|
|
expect(result.name).toBe("test-key");
|
|
});
|
|
|
|
it("verifies valid key returns true", async () => {
|
|
const result = await createApiKey(db, "test-key");
|
|
const isValid = await verifyApiKey(db, result.rawKey);
|
|
|
|
expect(isValid).toBe(true);
|
|
});
|
|
|
|
it("rejects invalid key returns false", async () => {
|
|
await createApiKey(db, "test-key");
|
|
const isValid = await verifyApiKey(db, "invalidkey12345678");
|
|
|
|
expect(isValid).toBe(false);
|
|
});
|
|
|
|
it("deletes key so it is no longer valid", async () => {
|
|
const result = await createApiKey(db, "test-key");
|
|
await deleteApiKey(db, result.id);
|
|
|
|
const isValid = await verifyApiKey(db, result.rawKey);
|
|
expect(isValid).toBe(false);
|
|
});
|
|
|
|
it("listApiKeys returns keys without hashes", async () => {
|
|
await createApiKey(db, "key-one");
|
|
await createApiKey(db, "key-two");
|
|
|
|
const keys = await listApiKeys(db);
|
|
expect(keys).toHaveLength(2);
|
|
expect(keys[0].name).toBe("key-one");
|
|
expect(keys[1].name).toBe("key-two");
|
|
// Ensure no hash is exposed
|
|
for (const key of keys) {
|
|
expect(key).toHaveProperty("id");
|
|
expect(key).toHaveProperty("name");
|
|
expect(key).toHaveProperty("keyPrefix");
|
|
expect(key).toHaveProperty("createdAt");
|
|
expect(key).not.toHaveProperty("keyHash");
|
|
}
|
|
});
|
|
});
|
|
});
|