-
Notifications
You must be signed in to change notification settings - Fork 13
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
22 changed files
with
724 additions
and
92 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
You are a Senior Frontend Developer and an Expert in React, Next.js, tRPC, TypeScript, TailwindCSS, HTML and CSS. You are thoughtful, give nuanced answers, and are brilliant at reasoning. You carefully provide accurate, factual, thoughtful answers, and are a genius at reasoning. | ||
|
||
Follow the user’s requirements carefully & to the letter. | ||
|
||
- First think step-by-step - describe your plan for what to build in pseudocode, written out in great detail. | ||
- Confirm, then write code! | ||
- Always write correct, best practice, DRY principle (Dont Repeat Yourself), bug free, fully functional and working code also it should be aligned to listed rules down below at # Code Implementation Guidelines . | ||
- Focus on easy and readability code, over being performant. | ||
- Fully implement all requested functionality. | ||
- Leave NO todo’s, placeholders or missing pieces. | ||
- Ensure code is complete! Verify thoroughly finalised. | ||
- Include all required imports, and ensure proper naming of key components. | ||
- Be concise Minimize any other prose. | ||
- If you think there might not be a correct answer, you say so. | ||
- If you do not know the answer, say so, instead of guessing | ||
|
||
**Coding Environment** | ||
|
||
The user asks questions about the following coding languages and frameworks: | ||
|
||
- React | ||
- Next.js | ||
- Drizzle | ||
- tRPC | ||
- Vitest | ||
- TypeScript | ||
- TailwindCSS | ||
- HTML | ||
- CSS | ||
|
||
**Code Implementation Guidelines** | ||
|
||
Follow these rules when you write code: | ||
|
||
- Use early returns whenever possible to make the code more readable. | ||
- Always use Tailwind classes for styling HTML elements; avoid using CSS or tags. | ||
- Use “class:” instead of the tertiary operator in class tags whenever possible. | ||
- Use descriptive variable and function/const names. Also, event functions should be named with a “handle” prefix, like “handleClick” for onClick and “handleKeyDown” for onKeyDown. | ||
- Implement accessibility features on elements. For example, a tag should have a tabindex=“0”, aria-label, on:click, and on:keydown, and similar attributes. | ||
- Usefunctions instead of consts, for example, “function toggle() {}”. Also, define a type if possible. | ||
|
||
When you are dealing with authentication code, ensure you are using the correct libraries and following best practices. | ||
|
||
For example, when identifying an account during a login flow, if the account cannot be found, we avoid leaking information by throwing a `TRPCError` with a `NOT_FOUND` code, and an `Account not found.` message. | ||
|
||
**Test Implementation Guidelines** | ||
|
||
Follow these rules when you write tests: | ||
|
||
- Use Vitest, do not use Jest. | ||
- When you are testing for errors, use `waitError` to wait for the error to be thrown. For example: | ||
|
||
``` | ||
import waitError from "@peated/server/lib/test/waitError"; | ||
|
||
const err = await waitError( | ||
caller.authPasswordResetConfirm({ | ||
token, | ||
password: "testpassword", | ||
}), | ||
); | ||
``` | ||
|
||
- In addition to using `waitError`, utilize snapshots for the resulting error. For example, `expect(err).toMatchInlineSnapshot();` | ||
- Prefer dependency injection over mocking when the called functions make it possible. | ||
- When calling tRPC endpoints that are not expected to error, await on the caller. Do not test the Promise directly. For example: | ||
|
||
``` | ||
const caller = createCaller(); | ||
|
||
const data = await caller.authRegister({ | ||
username: "foo", | ||
email: "[email protected]", | ||
password: "example", | ||
}); | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
import { z } from "zod"; | ||
import { zDatetime } from "./common"; | ||
|
||
export const MagicLinkSchema = z.object({ | ||
id: z.number(), | ||
email: z.string().email(), | ||
createdAt: zDatetime, | ||
}); | ||
|
||
export type MagicLink = z.infer<typeof MagicLinkSchema>; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
108 changes: 108 additions & 0 deletions
108
apps/server/src/trpc/routes/authMagicLinkConfirm.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,108 @@ | ||
import { createAccessToken, verifyPayload } from "@peated/server/lib/auth"; | ||
import waitError from "@peated/server/lib/test/waitError"; | ||
import { beforeEach, describe, expect, test, vi } from "vitest"; | ||
import { createCaller } from "../router"; | ||
|
||
// Mock the auth functions | ||
vi.mock("@peated/server/lib/auth", () => ({ | ||
createAccessToken: vi.fn(), | ||
verifyPayload: vi.fn(), | ||
})); | ||
|
||
describe("authMagicLinkConfirm", () => { | ||
beforeEach(() => { | ||
vi.clearAllMocks(); | ||
}); | ||
|
||
test("confirms magic link for active user", async ({ fixtures }) => { | ||
const user = await fixtures.User({ active: true, verified: false }); | ||
const caller = createCaller({ user: null }); | ||
const token = "valid-token"; | ||
|
||
vi.mocked(verifyPayload).mockResolvedValue({ | ||
id: user.id, | ||
email: user.email, | ||
createdAt: new Date().toISOString(), | ||
}); | ||
|
||
vi.mocked(createAccessToken).mockResolvedValue("mocked-access-token"); | ||
|
||
const result = await caller.authMagicLinkConfirm({ token }); | ||
|
||
expect(result.user.id).toBe(user.id); | ||
expect(result.user.verified).toBe(true); | ||
expect(result.accessToken).toBe("mocked-access-token"); | ||
expect(createAccessToken).toHaveBeenCalledWith( | ||
expect.objectContaining({ id: user.id }), | ||
); | ||
}); | ||
|
||
test("throws error for invalid token", async ({ fixtures }) => { | ||
const caller = createCaller({ user: null }); | ||
const token = "invalid-token"; | ||
|
||
vi.mocked(verifyPayload).mockRejectedValue(new Error("Invalid token")); | ||
|
||
const error = await waitError(caller.authMagicLinkConfirm({ token })); | ||
|
||
expect(error).toMatchInlineSnapshot( | ||
`[TRPCError: Invalid magic link token.]`, | ||
); | ||
}); | ||
|
||
test("throws error for expired token", async ({ fixtures }) => { | ||
const user = await fixtures.User({ active: true }); | ||
const caller = createCaller({ user: null }); | ||
const token = "expired-token"; | ||
|
||
const expiredDate = new Date(); | ||
expiredDate.setMinutes(expiredDate.getMinutes() - 11); // 11 minutes ago | ||
|
||
vi.mocked(verifyPayload).mockResolvedValue({ | ||
id: user.id, | ||
email: user.email, | ||
createdAt: expiredDate.toISOString(), | ||
}); | ||
|
||
const error = await waitError(caller.authMagicLinkConfirm({ token })); | ||
|
||
expect(error).toMatchInlineSnapshot( | ||
`[TRPCError: Invalid magic link token.]`, | ||
); | ||
}); | ||
|
||
test("throws error for inactive user", async ({ fixtures }) => { | ||
const user = await fixtures.User({ active: false }); | ||
const caller = createCaller({ user: null }); | ||
const token = "valid-token"; | ||
|
||
vi.mocked(verifyPayload).mockResolvedValue({ | ||
id: user.id, | ||
email: user.email, | ||
createdAt: new Date().toISOString(), | ||
}); | ||
|
||
const error = await waitError(caller.authMagicLinkConfirm({ token })); | ||
|
||
expect(error).toMatchInlineSnapshot( | ||
`[TRPCError: Invalid magic link token.]`, | ||
); | ||
}); | ||
|
||
test("throws error for non-existent user", async ({ fixtures }) => { | ||
const caller = createCaller({ user: null }); | ||
const token = "valid-token"; | ||
|
||
vi.mocked(verifyPayload).mockResolvedValue({ | ||
id: "non-existent-id", | ||
email: "[email protected]", | ||
createdAt: new Date().toISOString(), | ||
}); | ||
|
||
const error = await waitError(caller.authMagicLinkConfirm({ token })); | ||
|
||
expect(error).toMatchInlineSnapshot( | ||
`[TRPCError: Invalid magic link token.]`, | ||
); | ||
}); | ||
}); |
Oops, something went wrong.