Skip to content

Add frontend Vitest suite#4

Merged
michaelzwang13 merged 1 commit into
mainfrom
test/frontend-vitest
May 22, 2026
Merged

Add frontend Vitest suite#4
michaelzwang13 merged 1 commit into
mainfrom
test/frontend-vitest

Conversation

@michaelzwang13
Copy link
Copy Markdown
Owner

@michaelzwang13 michaelzwang13 commented May 22, 2026

Summary

Adds the frontend's first automated test layer. The backend has 100 tests; the frontend had none — this is a focused smoke/behavior suite over the paths the production-hardening work touched.

What's covered (14 tests)

  • api.test.ts — session helpers (isLoggedIn, getStoredUser, logout), signup/login, and startOAuth — the last explicitly asserts the API key is sent as an X-Api-Key header and never appears in the URL (guards the OAuth-key-leak fix from PR Harden for production: auth, error handling, UI cleanup #2).
  • ProtectedRoute.test.tsx — unauthenticated users are redirected to /login; authenticated users get through.
  • ErrorBoundary.test.tsx — a thrown child renders the recoverable fallback instead of a blank app.
  • Login.test.tsx — password length validation and submit-button gating.

Setup

  • Vitest 4 + Testing Library + jsdom.
  • test / test:watch scripts in package.json; test block added to vite.config.ts.
  • src/test/setup.ts registers jest-dom matchers, auto-cleanup, and an in-memory localStorage (jsdom's isn't reliable under Vitest 4 / Node's experimental Web Storage).
  • .gitignore: ignore .playwright-mcp/ artifacts.

Verification

  • bun run test — 14/14 pass.
  • bun run lint and bun run build (tsc -b) clean.
  • Manually smoke-tested the hardened app in a real browser (Playwright MCP): / auth redirect, route guards, password signup against the live backend + migrated Supabase, and the Directory/Status pages rendering real data.

Notes

Test files are co-located with source (*.test.tsx next to components) per standard React/Vitest convention.

🤖 Generated with Claude Code

@michaelzwang13 @claude
test(app): add Vitest suite for auth, route guard, and error paths
8c6f7bb 
- Vitest + Testing Library + jsdom; test / test:watch scripts.
- Covers session helpers and startOAuth (asserts the API key is sent
  as a header, never in the URL), the ProtectedRoute guard, the root
  ErrorBoundary, and Login password validation.
- setup.ts installs an in-memory localStorage — jsdom's isn't reliable
  under Vitest 4 / Node Web Storage.
- 14 tests passing.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@michaelzwang13
Copy link
Copy Markdown
Owner Author

michaelzwang13 commented May 22, 2026

@claude review please

@claude
Copy link
Copy Markdown

claude Bot commented May 22, 2026
edited
Loading

Claude encountered an error after 15s —— View job

I'll analyze this and get back to you.

@michaelzwang13 michaelzwang13 merged commit d84cc56 into main May 22, 2026
1 check failed
@michaelzwang13 michaelzwang13 mentioned this pull request May 23, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@michaelzwang13