Skip to content

feat(auth): include user.complementary in /token response#3739

Merged
PierreBrisorgueil merged 1 commit into
masterfrom
feat/promote-complementary-to-token
May 31, 2026
Merged

feat(auth): include user.complementary in /token response#3739
PierreBrisorgueil merged 1 commit into
masterfrom
feat/promote-complementary-to-token

Conversation

@PierreBrisorgueil
Copy link
Copy Markdown
Contributor

@PierreBrisorgueil PierreBrisorgueil commented May 31, 2026
edited by coderabbitai Bot
Loading

Summary

  • Adds complementary: req.user.complementary to the user-projection object in the token handler (modules/auth/controllers/auth.controller.js), closing a gap vs the existing account controller projection and User model/schema which already expose this field.
  • Ports a regression test (modules/auth/tests/auth.token.controller.unit.tests.js) to lock the field in the projection going forward.

Why

Every devkit downstream that stores per-user UI preferences or extra data in user.complementary needs this field to survive a full-page refresh — the client calls /api/auth/token on reload to rehydrate session state. Without complementary in the token response, per-user prefs silently reset on reload.

The complementary field already exists in:

  • modules/users/models/users.model.mongoose.js (model)
  • modules/users/models/users.schema.js (Zod schema)
  • modules/users/config/users.development.config.js (read/update/updateAdmin projections)
  • modules/users/controllers/users.account.controller.js (account endpoint projection)

The token handler was the only place missing it, forcing downstreams to patch locally.

Test plan

  • npm run lint — ESLint clean
  • npm run test:unit — 111 suites, 1582 tests pass (including 2 new regression tests)
  • Phase 0 critical-review gate → OK (no findings)

Closes #3738

Summary by CodeRabbit

  • New Features

    • The authentication token endpoint now includes complementary user profile data in responses.

  • Tests

    • Added comprehensive unit tests to validate user profile data serialization in authentication responses.

@PierreBrisorgueil
feat(auth): include user.complementary in /token response
2dba053 
Generalizes the downstream patch applied by trawl_node: the `token` handler
now projects `complementary` alongside the other user fields so per-user UI
prefs / extras rehydrate across full-page refresh without local override.

Adds regression test (auth.token.controller.unit.tests.js) to lock the field
in the projection going forward.

Closes #3738
Copilot AI review requested due to automatic review settings May 31, 2026 16:57
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 31, 2026
edited
Loading

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 1e0dde1e-8e8d-4313-9665-4e3c611e02dc

📥 Commits

Reviewing files that changed from the base of the PR and between de86c6b and 2dba053.

📒 Files selected for processing (2)
  • modules/auth/controllers/auth.controller.js
  • modules/auth/tests/auth.token.controller.unit.tests.js

Walkthrough

The PR adds the complementary field to the user object returned by the /token endpoint, matching existing account controller projection. A single-line implementation change is accompanied by comprehensive unit tests covering both the presence and absence of the field to prevent regressions.

Changes

User complementary field in token response

Layer / File(s) Summary
Add complementary field to token response
modules/auth/controllers/auth.controller.js		 The token controller's user projection now includes complementary: req.user.complementary alongside identity and profile fields.
Unit tests for complementary field projection
modules/auth/tests/auth.token.controller.unit.tests.js		 Jest test suite with complete module mocking validates that the endpoint includes complementary when present on req.user and includes it as undefined when absent, ensuring projection shape consistency.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~18 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately and specifically describes the main change: adding the complementary field to the token response in the auth module.
Description check ✅ Passed The description covers the summary, motivation, and test results. However, it lacks structured sections matching the template including explicit Scope, Validation checklist completion, and Guardrails sections.
Linked Issues check ✅ Passed The pull request successfully implements all objectives from issue #3738: adds complementary field to token response, includes regression tests, and prevents downstream drift.
Out of Scope Changes check ✅ Passed All changes directly support the stated objectives: controller modification adds the complementary field, and unit tests validate the new behavior without unrelated modifications.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/promote-complementary-to-token

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copilot AI reviewed May 31, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds the complementary field to the user projection returned by the /api/auth/token handler so that per-user UI prefs / extras stored on user.complementary survive a full-page refresh, matching the existing User model, schema, and account controller projection. A new ESM unit test file locks in this projection key to prevent future regressions.

Changes:

  • Add complementary: req.user.complementary to the token handler's user projection in modules/auth/controllers/auth.controller.js.
  • Add new unit tests modules/auth/tests/auth.token.controller.unit.tests.js asserting complementary is present in the /token response (both populated and undefined cases).

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
modules/auth/controllers/auth.controller.js Adds complementary to the projected user object in the token handler.
modules/auth/tests/auth.token.controller.unit.tests.js New ESM unit tests guarding the complementary field in the /token user projection.

@codecov
Copy link
Copy Markdown

codecov Bot commented May 31, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.92%. Comparing base (de86c6b) to head (2dba053).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #3739   +/-   ##
=======================================
  Coverage   89.92%   89.92%           
=======================================
  Files         148      148           
  Lines        4865     4865           
  Branches     1533     1533           
=======================================
  Hits         4375     4375           
  Misses        385      385           
  Partials      105      105
Flag Coverage Δ
integration 59.95% <ø> (ø)
unit 67.62% <ø> (+0.30%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update de86c6b...2dba053. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@PierreBrisorgueil PierreBrisorgueil merged commit 5f757e6 into master May 31, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat(auth): include user.complementary in /token response

2 participants

@PierreBrisorgueil