Open
Conversation
TokenResult.refreshTokenExpiresAt was Date while expiresAt was number (Unix seconds), causing inconsistent token expiry formats in the API response. - auth-token.port.ts: refreshTokenExpiresAt Date -> number - auth-token.service.ts: produce Unix timestamp instead of Date object - login/refresh/oauth-exchange usecases: convert to Date only at DB write boundary - auth.mapper.ts, login.output.ts, refresh.output.ts: update types accordingly
- CheckUserUseCase: 3 tests (user found, user not found, correct identifier passed) - LoginUseCase: 5 tests (user not found, OAuth user, wrong password, soft-deleted account, happy path token return) - add tests/unit/helpers/mock-factories.ts with buildUser() factory
…PrismaUserRepository
- 3 test cases: password hashing + delegation args, return value, error propagation
Single-write operations don't require a transaction. LogoutUseCase now injects IRefreshTokenRepository directly instead of TransactionPort. Also adds buildRefreshToken() factory to test helpers.
- 5 test cases: empty token guard, token hashing, token not found, already revoked, and successful revocation
Generated refresh token was never saved to DB, causing all subsequent /auth/refresh calls to fail with 'Session not found' after account recovery.
- 6 test cases: token not found, revoked token (reuse attack + revokeAll), expired token, user not found, soft-deleted user, happy path (token rotation)
…UseCase Direct import from @infrastructure violated Clean Architecture layer rules. Use-cases must only depend on port interfaces.
5 tests: user not found, soft-deleted, unverified email, OAuth-only (no password), happy path (OTP + upsert + email)
Replaces hardcoded 10-min expiry in ForgotPassword and SendVerificationEmail use-cases with constructor-injected otpExpiryMs. DI passes config.OTP_EXPIRY_MS (default 600_000ms). Keeps Clean Architecture boundaries intact.
aquie00t
temporarily deployed
to
chore/unit-tests-use-cases - tdn-api PR #119
Render
Destroyed
5 tests: user not found, soft-deleted, already verified (silent return), happy path (OTP + upsert + email), expiresAt respects OTP_EXPIRY_SECONDS
- Add timingSafeEqual() to CryptoPort + CryptoService (Node crypto module) - Add verificationTokenRepository to TransactionContext + TransactionService - VerifyEmailUseCase: use timingSafeEqual, wrap update+delete in transaction - ResetPasswordUseCase: same — prevents orphan tokens on partial failure
aquie00t
temporarily deployed
to
chore/unit-tests-use-cases - tdn-api PR #119
Render
Destroyed
- Add buildVerificationToken() factory to mock-factories for use in VerifyEmailUseCase and ResetPasswordUseCase unit tests - Fix global-setup: use pnpm prisma instead of npx prisma for migrate reset
InjectionMode.CLASSIC resolves dependencies by parameter position, not by name. Object destructuring in asFunction factories causes the entire cradle to be passed as a single undefined argument. Affected use cases: - sendVerificationEmailUseCase - verifyEmailUseCase - forgotPasswordUseCase - resetPasswordUseCase This was causing all e2e tests to fail with: TypeError: Cannot read properties of undefined (reading 'OTP_EXPIRY_SECONDS')
7 cases: user not found, soft-deleted user, already verified (silent), token not found, expired token, OTP mismatch, happy path. Covers timing-safe OTP comparison (timingSafeEqual) and atomic transaction behavior (update user + delete token in single tx).
- fix: replace BadRequestError with UnauthorizedError for not-found/active user - fix: add isDeleted() guard to prevent token replay on active accounts - test: cover invalid token, wrong purpose, user not found, already active, successful recovery and refresh token device info scenarios
- fix: skip cache invalidation when post was already bookmarked - fix: wrap cache invalidation in try/catch to prevent non-critical failures from surfacing
- fix: skip cache invalidation when post was not bookmarked - fix: wrap cache invalidation in try/catch to prevent non-critical failures from surfacing
…arkUseCase unit tests
- CreateCommentUseCase: 7 tests (post/parent not found, cross-post parent, top-level notification, reply notification, self-comment no notify) - DeleteCommentUseCase: 5 tests (not found, forbidden, top-level delete, reply repliesCount decrement, cache error silenced) - GetCommentUseCase: 3 tests - GetCommentRepliesUseCase: 4 tests (not found, replies returned, pagination offset, currentUserId) - GetPostCommentsUseCase: 4 tests - LikeCommentUseCase: 5 tests (not found, idempotent, add+increment, self no notify, notify+realtime) - UnlikeCommentUseCase: 3 tests fix(comment): wrap cache deleteByPattern in try/catch in DeleteCommentUseCase feat(test): add buildComment factory to mock-factories
- FollowUserUseCase: inject IProfileRepository, throw NotFoundError when target not found - Add unit tests for follow-user, unfollow-user, get-followers, get-following use cases (18 tests) - Add buildProfile factory to mock-factories - fix(comment): add missing page/limit fields to get-comment-replies test
…erNotificationUseCase
- Add buildNotification factory to mock-factories - Add 5 unit tests: empty result, data return, skip calculation (page 1 & paginated), parallel calls
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
A brief description of the changes introduced.
Closes #
Type of Change
Checklist
feature/,fix/,chore/,docs/)