Phase 3.7: paid pairing flow + returning chat + extension flip

- Backend: payment_sessions + pairing_failures tables; payment.service.js and pairing-failure.service.js (new); rewritten pairing.service.js (payment-gated blast + targeted "Curhat lagi" + cancel + fallback); rewritten extension.service.js (data-driven auto-approve with offline safeguard, charge-at-approval); pricing.service.js (extension tiers without free trial); mitra-status.service.js (countAvailableMitras cached path); 60s sweeper for stale payment sessions - Backend routes: client.payment.routes, client.mitra-availability.routes, internal/failed-pairings.routes; client.chat.routes rewritten for payment-gated start + /returning + /cancel + /fallback-to-blast; internal/config.routes adds 4 new keys with Valkey invalidate publish - client_app: mitra-availability poll, payment screen + notifier, pairing notifier rewrite (PairingTargetedWaiting + PairingFailed states), targeted-waiting overlay + bestie-unavailable dialog, "Curhat lagi" CTA, failed-pairing terminal, extension via payment-session - mitra_app: PairingRequestType enum, returning-chat 20s countdown auto-dismiss, extension card "otomatis disetujui" copy - control_center: 4 new config rows in Settings, Failed Pairings page (filter + paginate + action menu), sidebar + route registered - Test infrastructure: Vitest backend (7/7 pass), Playwright CC (4/4 pass), Maestro mobile scaffold (CLI install pending) - Bugs found via Playwright + fixed: LoginPage labels not associated with inputs (a11y); backend internal CORS missing PATCH/PUT/DELETE in allow-methods (silent settings breakage in browsers since Stage 4) - Docs: phase3.7.md PRD, phase3.7-plan.md, phase3.7-questions.md (Q&A), phase3.7-testing.md (E2E checklist), phase3.7-test-run-2026-05-03.md (today's run results) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 23:02:49 +08:00
parent f3766813f3
commit d09e50af55
92 changed files with 9579 additions and 437 deletions
--- a/backend/test/helpers/jwt.js
+++ b/backend/test/helpers/jwt.js
@@ -0,0 +1,42 @@
+import jwt from 'jsonwebtoken'
+import { randomUUID } from 'node:crypto'
+import { UserType } from '../../src/constants.js'
+
+/**
+ * Mint a JWT that the production `authenticate` plugin will accept. Mirrors the
+ * payload shape from src/services/token.service.js#signAccessToken.
+ *
+ * We deliberately do NOT call issueTokens (which writes an auth_sessions row) so
+ * tests stay independent of that table. The access-token verification path in
+ * production never reads the DB — it only validates the JWT signature + claims.
+ *
+ * sessionId defaults to a random UUID; pass an explicit one if a test asserts on
+ * the session_id value.
+ */
+const sign = ({ userType, userId, sessionId = randomUUID() }) => {
+  const secret = process.env.AUTH_JWT_SECRET
+  if (!secret || secret.length < 32) {
+    throw new Error('AUTH_JWT_SECRET missing or too short for test JWT minting')
+  }
+  return jwt.sign(
+    { user_type: userType, session_id: sessionId },
+    secret,
+    {
+      algorithm: 'HS256',
+      expiresIn: 3600,
+      subject: userId,
+    },
+  )
+}
+
+export const customerJwt = (userId, opts = {}) =>
+  sign({ userType: UserType.CUSTOMER, userId, ...opts })
+
+export const mitraJwt = (userId, opts = {}) =>
+  sign({ userType: UserType.MITRA, userId, ...opts })
+
+export const ccJwt = (userId, opts = {}) =>
+  sign({ userType: UserType.CC_USER, userId, ...opts })
+
+/** `Authorization: Bearer …` header builder for app.inject calls. */
+export const authHeader = (token) => ({ authorization: `Bearer ${token}` })