api: auth negative tests, family ledger test, superadmin doc, export streaming draft

[zensgit]

Summary:

• Add negative auth tests: wrong bcrypt password (401), inactive user refresh (403)
• Add family default ledger integrity test (is_default + created_by)
• Document superadmin default password (Argon2 for SuperAdmin@123) in README
• Draft export streaming design doc (docs/EXPORT_STREAMING_DESIGN.md)

Rationale:
Closes gaps in negative-path coverage for auth and asserts data integrity on family creation. Provides onboarding clarity for superadmin login and prepares performance roadmap for large CSV exports.

Testing:
SQLX_OFFLINE=true cargo test --tests (24 pass) – tests + docs only, no prod code changes.

[gemini-code-assist]

Summary of Changes

Hello @zensgit, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the API's robustness and prepares it for future performance optimizations. It introduces crucial negative-path testing for authentication flows and validates data integrity during the creation of new families. Additionally, it improves developer experience by documenting the default superadmin credentials and lays out a detailed architectural plan for implementing efficient, memory-optimized data export streaming.

Highlights

• Negative Authentication Tests: New integration tests have been added to cover negative authentication scenarios, specifically ensuring that login attempts with incorrect bcrypt passwords result in a 401 Unauthorized status and that refresh token requests for inactive users are met with a 403 Forbidden status.
• Family Default Ledger Integrity Test: A new integration test verifies the integrity of default ledger creation within a family. It asserts that upon family registration, a default ledger is correctly created with the is_default flag set to true and created_by linked to the family owner's user ID.
• Superadmin Password Documentation: The README.md file has been updated to include clear documentation regarding the default superadmin password (SuperAdmin@123) and its Argon2 hash. This section also provides important notes on password management for local development and CI environments.
• Export Streaming Design Draft: A new design document, docs/EXPORT_STREAMING_DESIGN.md, has been drafted. This document outlines a comprehensive plan for implementing CSV export streaming, aiming to reduce memory usage and improve latency for large data exports by processing data in chunks rather than building the entire payload in memory.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[Copilot]

Pull Request Overview

This PR enhances testing coverage and documentation by adding negative authentication tests, a family ledger integrity test, superadmin documentation, and a streaming export design document.

• Adds negative path testing for authentication failures (wrong password, inactive user refresh)
• Implements family default ledger integrity verification test
• Documents superadmin default credentials for easier onboarding

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File	Description
jive-api/tests/integration/family_default_ledger_test.rs	New test verifying default ledger creation with proper flags and ownership
jive-api/tests/integration/auth_login_negative_test.rs	New negative authentication tests for wrong password and inactive user scenarios
docs/EXPORT_STREAMING_DESIGN.md	Technical design document for streaming CSV export implementation
README.md	Added superadmin default password documentation with usage examples

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The assertion unwrap_or(false), true is unnecessarily complex. Since you expect the ledger to be default, use assert!(ledger.is_default.unwrap_or(false)) or assert_eq!(ledger.is_default, Some(true)) for clearer intent.

Suggested change

	assert_eq!(ledger.is_default.unwrap_or(false), true, "ledger should be default");
	assert_eq!(ledger.is_default, Some(true), "ledger should be default");

[Copilot]

[nitpick] The salt generation uses a verbose path. Consider importing the types or using a shorter alias: use argon2::password_hash::{rand_core::OsRng, SaltString}; to improve readability.

[Copilot]

Missing article: should be 'until fewer than chunk_size results' or 'until fewer results than chunk_size'.

Suggested change

	- Option A (simple): repeated `SELECT ... ORDER BY id LIMIT $chunk OFFSET $offset` until fewer than chunk results.
	- Option A (simple): repeated `SELECT ... ORDER BY id LIMIT $chunk OFFSET $offset` until fewer results than chunk.

[gemini-code-assist]

Code Review

This pull request introduces valuable additions, including negative path tests for authentication, an integrity test for family creation, and a design document for streaming exports. The tests are well-structured and enhance the robustness of the authentication flow. The design document for streaming is comprehensive and provides a solid plan for improving performance on large exports. My main feedback is regarding the new documentation for the superadmin password in README.md. There appears to be a contradiction between the password mentioned in the new section (SuperAdmin@123) and the one set by the latest database migration and mentioned elsewhere in the README.md (admin123). This could cause confusion for developers. I've left a specific comment with details.

[gemini-code-assist]

This new section states that the default superadmin password is SuperAdmin@123. However, this seems to contradict other parts of the repository:

• The existing README.md section "默认管理员账号（开发环境）" on line 269 states the password is admin123.
• The latest migration 016_fix_families_member_count_and_superadmin.sql also sets the password to admin123 and contains a comment confirming this.

This discrepancy can be very confusing for developers setting up the project. Please unify the password across all documentation and migrations. If the intended password is SuperAdmin@123 as per the PR description, the migration 016 and the older README.md section should be updated. If it's admin123, this new section should be corrected.