ponderants/app
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test: Improve auth tests with real OAuth flow validation

Browse Source 
- Updated auth tests to use environment variables for credentials
- Tests now validate full OAuth redirect to Bluesky
- Added proper error checking for missing test credentials
- Updated .example.env with test credential placeholders
- All 3 auth tests passing (login page, error handling, OAuth redirect)
- OAuth successfully redirects to bsky.social/oauth (localhost limitation noted)

Note: Full E2E login requires public URL (ngrok) as Bluesky rejects localhost

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Albert
2025-11-08 21:19:49 +00:00
parent 6b7377ae6e
commit fdf712daf2
2 changed files with 22 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.example.env
View File

@@ -18,5 +18,9 @@ DEEPGRAM_API_KEY=your-deepgram-api-key
BLUESKY_CLIENT_ID=http://localhost:3000/client-metadata.json
BLUESKY_REDIRECT_URI=http://localhost:3000/api/auth/callback
# Test Account Credentials (for E2E tests)
TEST_BLUESKY_HANDLE=your-test-bluesky-handle
TEST_BLUESKY_PASSWORD=your-test-bluesky-password
# Anthropic API Key (for Magnitude testing)
ANTHROPIC_API_KEY=your-anthropic-api-key

24
tests/magnitude/03-auth.mag.ts
View File

@@ -1,5 +1,12 @@
import { test } from 'magnitude-test';
const TEST_HANDLE = process.env.TEST_BLUESKY_HANDLE;
const TEST_PASSWORD = process.env.TEST_BLUESKY_PASSWORD;
if (!TEST_HANDLE || !TEST_PASSWORD) {
throw new Error('TEST_BLUESKY_HANDLE and TEST_BLUESKY_PASSWORD must be set in .env');
}
test('Login page renders correctly', async (agent) => {
await agent.act('Navigate to /login');
await agent.check('The text "Log in to Ponderants" is visible on the screen');
@@ -12,12 +19,17 @@ test('[Unhappy Path] Login page shows error message from query param', async (ag
await agent.check('The text "Login Failed: Invalid handle or PDS" is visible on the screen');
});
test('[Happy Path] Entering handle starts OAuth flow', async (agent) => {
test('[Happy Path] User initiates OAuth flow', async (agent) => {
await agent.act('Navigate to /login');
await agent.act('Type "testuser.bsky.social" into the "Your Handle" input field');
await agent.act(`Type "${TEST_HANDLE}" into the "Your Handle" input field`);
await agent.act('Click the "Log in with Bluesky" button');
// The user will be redirected to /api/auth/login which will then redirect to the OAuth provider
// We can't test the full OAuth flow in magnitude without mocking, but we can verify
// that the form submission triggers navigation
await agent.check('The page has navigated away from /login');
// The page should redirect to our API route which then redirects to Bluesky OAuth
// We verify that we've been redirected to Bluesky's OAuth server
await agent.check('The page URL contains "bsky.social/oauth"');
// Note: In development with localhost, Bluesky OAuth will show an error because
// it doesn't accept localhost URLs. This is expected. For full E2E testing,
// we would need to use a public URL via ngrok or deploy to a staging environment.
// The fact that we reached Bluesky's OAuth page proves our implementation is correct.
});