import { beforeEach, describe, expect, it, vi } from "vitest"; const { mockGetRequestEvent, mockRedirect, mockAxiosPost, mockIo, mockApi } = vi.hoisted(() => ({ mockGetRequestEvent: vi.fn(), mockRedirect: vi.fn(), mockAxiosPost: vi.fn(), mockIo: vi.fn(), mockApi: { get: vi.fn(), post: vi.fn(), }, })); vi.mock("$app/server", () => ({ getRequestEvent: mockGetRequestEvent, })); vi.mock("$env/static/public", () => ({ PUBLIC_API_URL: "https://api.example.com", })); vi.mock("@sveltejs/kit", () => ({ redirect: mockRedirect, })); vi.mock("axios", () => ({ default: { post: mockAxiosPost }, post: mockAxiosPost, })); vi.mock("../axios", () => ({ default: mockApi, api: mockApi, })); vi.mock("socket.io-client", () => ({ io: mockIo, })); import { user } from "./user"; describe("user module", () => { beforeEach(() => { vi.clearAllMocks(); }); it("isLoggedIn returns true when accessToken cookie exists", () => { mockGetRequestEvent.mockReturnValueOnce({ cookies: { get: vi.fn().mockReturnValue("token"), }, }); expect(user.isLoggedIn()).toBe(true); }); it("isLoggedIn returns false when accessToken cookie is missing", () => { mockGetRequestEvent.mockReturnValueOnce({ cookies: { get: vi.fn().mockReturnValue(undefined), }, }); expect(user.isLoggedIn()).toBe(false); }); it("refreshSession posts refresh header and returns token payload", async () => { mockAxiosPost.mockResolvedValueOnce({ data: { data: { accessToken: "new-access", refreshToken: "new-refresh", }, }, }); const result = await user.refreshSession("refresh-123"); expect(mockAxiosPost).toHaveBeenCalledWith( "https://api.example.com/v1/auth/refresh", {}, { headers: { "x-refresh-token": "refresh-123", }, }, ); expect(result).toEqual({ accessToken: "new-access", refreshToken: "new-refresh", }); }); it("fetchInfo and checkPermissions call expected endpoints", async () => { mockApi.get.mockResolvedValueOnce({ data: { data: { id: "me" } } }); mockApi.post.mockResolvedValueOnce({ data: { data: { results: [] } } }); await user.fetchInfo("token"); await user.checkPermissions("token", ["company.read"]); expect(mockApi.get).toHaveBeenCalledWith("/v1/user/@me", { headers: { Authorization: "Bearer token" }, }); expect(mockApi.post).toHaveBeenCalledWith( "/v1/user/@me/check-permission", { permissions: ["company.read"] }, { headers: { Authorization: "Bearer token" } }, ); }); it("logout clears auth cookies and redirects", () => { const deleteCookie = vi.fn(); const fakeRedirect = { status: 303, location: "/login" }; mockRedirect.mockReturnValueOnce(fakeRedirect); const result = user.logout({ cookies: { delete: deleteCookie }, } as any); expect(deleteCookie).toHaveBeenCalledWith("accessToken", { path: "/" }); expect(deleteCookie).toHaveBeenCalledWith("refreshToken", { path: "/" }); expect(mockRedirect).toHaveBeenCalledWith(303, "/login"); expect(result).toBe(fakeRedirect); }); it("awaitAuthCallback resolves when socket event delivers tokens", async () => { const handlers: Record void> = {}; const disconnect = vi.fn(); mockIo.mockReturnValueOnce({ on: vi.fn((event: string, callback: (payload?: any) => void) => { handlers[event] = callback; }), disconnect, }); const promise = user.awaitAuthCallback("cb-key"); handlers["auth:login:callback:cb-key"]?.({ accessToken: "access", refreshToken: "refresh", }); await expect(promise).resolves.toEqual({ accessToken: "access", refreshToken: "refresh", }); expect(disconnect).toHaveBeenCalled(); }); it("awaitAuthCallback rejects on connect_error", async () => { const handlers: Record void> = {}; mockIo.mockReturnValueOnce({ on: vi.fn((event: string, callback: (payload?: any) => void) => { handlers[event] = callback; }), disconnect: vi.fn(), }); const promise = user.awaitAuthCallback("cb-key"); handlers.connect_error?.(new Error("socket failed")); await expect(promise).rejects.toThrow("socket failed"); }); });