Skip to content

Commit dd14837

Browse files
committed
fix(backend): restore real auth.js exports in test mocks so suites load
PR #703 changed the auth.js mock in the five stream route test files to a plain factory that returns only requireAuth and requireAdmin. auth.js also exports issueChallenge, verifyChallenge and verifyJwt, which auth.routes wires up when the app is constructed. With those exports missing from the mock, importing src/app.js throws [vitest] No "issueChallenge" export is defined on the "auth.js" mock so all five suites fail to load and the Backend CI job goes red (5 failed suites, coverage step skipped). Use vi.mock with importOriginal to spread the module's real exports and override only requireAuth/requireAdmin. The app loads, the middleware is still stubbed, and the suites run. Verified: 36 suites / 184 tests pass; coverage 70.15% stmts, 66.73% branches, 72.34% funcs, 70.15% lines — all above the 60% gate.
1 parent 6b1fd3c commit dd14837

5 files changed

Lines changed: 74 additions & 48 deletions

File tree

backend/tests/integration/streams.test.ts

Lines changed: 16 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -11,16 +11,22 @@ import request from 'supertest';
1111
// Bypass Stellar signature verification on POST /v1/streams. The route is
1212
// exercised here as a stand-in for the indexer worker, so we replace the auth
1313
// middleware with a stub that injects a deterministic wallet.
14-
// Simple factory — no importOriginal — reliable with pool:forks.
15-
vi.mock('../../src/middleware/auth.js', () => ({
16-
requireAuth: (req: any, _res: any, next: any) => {
17-
req.user = { publicKey: 'GTEST_USER_PUBLIC_KEY' };
18-
next();
19-
},
20-
requireAdmin: (_req: any, res: any, _next: any) => {
21-
res.status(403).json({ error: 'Forbidden' });
22-
},
23-
}));
14+
// Preserve the module's real exports (issueChallenge, verifyChallenge,
15+
// verifyJwt) — auth.routes wires them up at app construction — while stubbing
16+
// only the middleware so requests bypass JWT verification.
17+
vi.mock('../../src/middleware/auth.js', async (importOriginal) => {
18+
const actual = await importOriginal<typeof import('../../src/middleware/auth.js')>();
19+
return {
20+
...actual,
21+
requireAuth: (req: any, _res: any, next: any) => {
22+
req.user = { publicKey: 'GTEST_USER_PUBLIC_KEY' };
23+
next();
24+
},
25+
requireAdmin: (_req: any, res: any, _next: any) => {
26+
res.status(403).json({ error: 'Forbidden' });
27+
},
28+
};
29+
});
2430

2531
// ─── Mocks (using vi.hoisted to ensure they are available to vi.mock) ─────────
2632

backend/tests/integration/streams/cancel.test.ts

Lines changed: 13 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -39,15 +39,19 @@ vi.mock('../../../src/lib/prisma.js', () => {
3939

4040
// Mock auth middleware to bypass real Stellar signature verification.
4141
// Uses a simple factory (no importOriginal) so it is reliable with pool:forks.
42-
vi.mock('../../../src/middleware/auth.js', () => ({
43-
requireAuth: (req: any, _res: any, next: any) => {
44-
req.user = { publicKey: 'G_SENDER_123' };
45-
next();
46-
},
47-
requireAdmin: (_req: any, res: any, _next: any) => {
48-
res.status(403).json({ error: 'Forbidden' });
49-
},
50-
}));
42+
vi.mock('../../../src/middleware/auth.js', async (importOriginal) => {
43+
const actual = await importOriginal<typeof import('../../../src/middleware/auth.js')>();
44+
return {
45+
...actual,
46+
requireAuth: (req: any, _res: any, next: any) => {
47+
req.user = { publicKey: 'G_SENDER_123' };
48+
next();
49+
},
50+
requireAdmin: (_req: any, res: any, _next: any) => {
51+
res.status(403).json({ error: 'Forbidden' });
52+
},
53+
};
54+
});
5155

5256
// ─── App import (after mocks) ───────────────────────────────────────────────
5357

backend/tests/integration/streams/withdraw.test.ts

Lines changed: 13 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -33,15 +33,19 @@ vi.mock('../../../src/services/sorobanService.js', () => ({
3333
}));
3434

3535
// Simple factory — no importOriginal — reliable with pool:forks.
36-
vi.mock('../../../src/middleware/auth.js', () => ({
37-
requireAuth: (req: any, _res: any, next: any) => {
38-
req.user = { publicKey: currentUser.publicKey };
39-
next();
40-
},
41-
requireAdmin: (_req: any, res: any, _next: any) => {
42-
res.status(403).json({ error: 'Forbidden' });
43-
},
44-
}));
36+
vi.mock('../../../src/middleware/auth.js', async (importOriginal) => {
37+
const actual = await importOriginal<typeof import('../../../src/middleware/auth.js')>();
38+
return {
39+
...actual,
40+
requireAuth: (req: any, _res: any, next: any) => {
41+
req.user = { publicKey: currentUser.publicKey };
42+
next();
43+
},
44+
requireAdmin: (_req: any, res: any, _next: any) => {
45+
res.status(403).json({ error: 'Forbidden' });
46+
},
47+
};
48+
});
4549

4650
import app from '../../../src/app.js';
4751

backend/tests/integration/top-up.test.ts

Lines changed: 16 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -58,16 +58,22 @@ vi.mock('../../src/services/sorobanService.js', () => ({
5858
cancelStream: vi.fn(),
5959
}));
6060

61-
// Simple factory — no importOriginal — reliable with pool:forks.
62-
vi.mock('../../src/middleware/auth.js', () => ({
63-
requireAuth: vi.fn((req: any, _res: any, next: any) => {
64-
req.user = { publicKey: req.headers['x-test-caller'] ?? SENDER };
65-
next();
66-
}),
67-
requireAdmin: vi.fn((_req: any, res: any, _next: any) => {
68-
res.status(403).json({ error: 'Forbidden' });
69-
}),
70-
}));
61+
// Preserve the module's real exports (issueChallenge, verifyChallenge,
62+
// verifyJwt) — auth.routes wires them up at app construction — while stubbing
63+
// only the middleware so requests bypass JWT verification.
64+
vi.mock('../../src/middleware/auth.js', async (importOriginal) => {
65+
const actual = await importOriginal<typeof import('../../src/middleware/auth.js')>();
66+
return {
67+
...actual,
68+
requireAuth: vi.fn((req: any, _res: any, next: any) => {
69+
req.user = { publicKey: req.headers['x-test-caller'] ?? SENDER };
70+
next();
71+
}),
72+
requireAdmin: vi.fn((_req: any, res: any, _next: any) => {
73+
res.status(403).json({ error: 'Forbidden' });
74+
}),
75+
};
76+
});
7177

7278
// App import after mocks
7379
import app from '../../src/app.js';

backend/tests/stream.test.ts

Lines changed: 16 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,22 @@
11
import { describe, it, expect, vi, beforeEach } from 'vitest';
22
import request from 'supertest';
33

4-
// Simple factory — no importOriginal — reliable with pool:forks.
5-
vi.mock('../src/middleware/auth.js', () => ({
6-
requireAuth: (req: any, _res: any, next: any) => {
7-
req.user = { publicKey: 'GTEST_USER_PUBLIC_KEY' };
8-
next();
9-
},
10-
requireAdmin: (_req: any, res: any, _next: any) => {
11-
res.status(403).json({ error: 'Forbidden' });
12-
},
13-
}));
4+
// Preserve the module's real exports (issueChallenge, verifyChallenge,
5+
// verifyJwt) — auth.routes wires them up at app construction — while stubbing
6+
// only the middleware so requests bypass JWT verification.
7+
vi.mock('../src/middleware/auth.js', async (importOriginal) => {
8+
const actual = await importOriginal<typeof import('../src/middleware/auth.js')>();
9+
return {
10+
...actual,
11+
requireAuth: (req: any, _res: any, next: any) => {
12+
req.user = { publicKey: 'GTEST_USER_PUBLIC_KEY' };
13+
next();
14+
},
15+
requireAdmin: (_req: any, res: any, _next: any) => {
16+
res.status(403).json({ error: 'Forbidden' });
17+
},
18+
};
19+
});
1420

1521
vi.mock('../src/middleware/stream-rate-limiter.middleware.js', () => ({
1622
streamCreationRateLimiter: (_req: any, _res: any, next: any) => next(),

0 commit comments

Comments
 (0)