- Backend: payment_sessions + pairing_failures tables; payment.service.js and pairing-failure.service.js (new); rewritten pairing.service.js (payment-gated blast + targeted "Curhat lagi" + cancel + fallback); rewritten extension.service.js (data-driven auto-approve with offline safeguard, charge-at-approval); pricing.service.js (extension tiers without free trial); mitra-status.service.js (countAvailableMitras cached path); 60s sweeper for stale payment sessions - Backend routes: client.payment.routes, client.mitra-availability.routes, internal/failed-pairings.routes; client.chat.routes rewritten for payment-gated start + /returning + /cancel + /fallback-to-blast; internal/config.routes adds 4 new keys with Valkey invalidate publish - client_app: mitra-availability poll, payment screen + notifier, pairing notifier rewrite (PairingTargetedWaiting + PairingFailed states), targeted-waiting overlay + bestie-unavailable dialog, "Curhat lagi" CTA, failed-pairing terminal, extension via payment-session - mitra_app: PairingRequestType enum, returning-chat 20s countdown auto-dismiss, extension card "otomatis disetujui" copy - control_center: 4 new config rows in Settings, Failed Pairings page (filter + paginate + action menu), sidebar + route registered - Test infrastructure: Vitest backend (7/7 pass), Playwright CC (4/4 pass), Maestro mobile scaffold (CLI install pending) - Bugs found via Playwright + fixed: LoginPage labels not associated with inputs (a11y); backend internal CORS missing PATCH/PUT/DELETE in allow-methods (silent settings breakage in browsers since Stage 4) - Docs: phase3.7.md PRD, phase3.7-plan.md, phase3.7-questions.md (Q&A), phase3.7-testing.md (E2E checklist), phase3.7-test-run-2026-05-03.md (today's run results) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
import jwt from 'jsonwebtoken'
import { randomUUID } from 'node:crypto'
import { UserType } from '../../src/constants.js'
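/**
 * Mint a JWT that the production `authenticate` plugin will accept. Mirrors the
 * payload shape from src/services/token.service.js#signAccessToken.
 *
 * We deliberately do NOT call issueTokens (which writes an auth_sessions row) so
 * tests stay independent of that table. The access-token verification path in
 * production never reads the DB — it only validates the JWT signature + claims.
 *
 * @param {object} p
 * @param {string} p.userType - value for the `user_type` claim (see UserType)
 * @param {string} p.userId - becomes the `sub` claim; jsonwebtoken rejects a non-string subject
 * @param {string} [p.sessionId] - `session_id` claim; defaults to a random UUID. Pass an
 *   explicit one if a test asserts on the session_id value.
 * @param {number|string} [p.expiresIn=3600] - token lifetime handed to jsonwebtoken
 *   (seconds, or an `ms`-style string). A negative number should yield an
 *   already-expired token, which is handy for rejection tests.
 * @returns {string} signed HS256 access token
 * @throws {Error} when AUTH_JWT_SECRET is unset or shorter than 32 characters
 */
const sign = ({ userType, userId, sessionId = randomUUID(), expiresIn = 3600 }) => {
  const secret = process.env.AUTH_JWT_SECRET
  // HS256 keys should carry at least 256 bits (32 bytes); refuse anything shorter so a
  // test cannot go green under a weak secret. The check counts characters rather than
  // bytes, which is adequate for the ASCII secrets test environments use.
  if (!secret || secret.length < 32) {
    throw new Error('AUTH_JWT_SECRET missing or too short for test JWT minting')
  }
  return jwt.sign(
    { user_type: userType, session_id: sessionId },
    secret,
    {
      // Pin the algorithm explicitly rather than relying on the library default.
      algorithm: 'HS256',
      expiresIn,
      subject: userId,
    },
  )
}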
/**
 * Access token for a customer user. `opts` is spread last, so any key it carries
 * (e.g. `sessionId`) takes precedence over the defaults chosen here.
 */
export const customerJwt = (userId, opts = {}) => {
  const claims = { userType: UserType.CUSTOMER, userId, ...opts }
  return sign(claims)
}
/**
 * Access token for a mitra user. `opts` is spread last, so any key it carries
 * (e.g. `sessionId`) takes precedence over the defaults chosen here.
 */
export const mitraJwt = (userId, opts = {}) => {
  const claims = { userType: UserType.MITRA, userId, ...opts }
  return sign(claims)
}
/**
 * Access token for a control-center user. `opts` is spread last, so any key it
 * carries (e.g. `sessionId`) takes precedence over the defaults chosen here.
 */
export const ccJwt = (userId, opts = {}) => {
  const claims = { userType: UserType.CC_USER, userId, ...opts }
  return sign(claims)
}
/**
 * Build the headers object app.inject needs to send `token` as a Bearer credential.
 * The header name is lower-cased to match how Fastify exposes request headers.
 */
export const authHeader = (token) => {
  const value = `Bearer ${token}`
  return { authorization: value }
}