Add backend unit test framework and modularize settings UI

Introduced a Vitest-based backend unit testing framework with supporting scripts, helpers, and GitHub Actions integration. Refactored the admin settings page to a modular architecture, splitting monolithic logic into feature-specific tabs and hooks for improved maintainability and testability. Updated documentation to reflect the new testing setup and settings architecture, and added new dependencies for testing utilities.
2026-06-02 20:30:10 +00:00 · 2026-01-15 16:49:59 -05:00
parent b3f89d67bb
commit 94dbaf073b
127 changed files with 23549 additions and 2868 deletions
@@ -0,0 +1,70 @@
+/**
+ * Component: JWT Utilities Tests
+ * Documentation: documentation/backend/services/auth.md
+ */
+
+import { describe, expect, it } from 'vitest';
+import jwt from 'jsonwebtoken';
+import {
+  decodeToken,
+  generateAccessToken,
+  generateRefreshToken,
+  verifyAccessToken,
+  verifyRefreshToken,
+} from '@/lib/utils/jwt';
+
+describe('JWT utilities', () => {
+  it('generates and verifies access tokens', () => {
+    const token = generateAccessToken({
+      sub: 'user-1',
+      plexId: 'plex-1',
+      username: 'user',
+      role: 'admin',
+    });
+
+    const payload = verifyAccessToken(token);
+
+    expect(payload?.sub).toBe('user-1');
+    expect(payload?.role).toBe('admin');
+  });
+
+  it('returns null for invalid access tokens', () => {
+    const payload = verifyAccessToken('bad-token');
+
+    expect(payload).toBeNull();
+  });
+
+  it('generates and verifies refresh tokens', () => {
+    const token = generateRefreshToken('user-2');
+    const payload = verifyRefreshToken(token);
+
+    expect(payload?.sub).toBe('user-2');
+    expect(payload?.type).toBe('refresh');
+  });
+
+  it('returns null when refresh token type does not match', () => {
+    const invalid = jwt.sign(
+      { sub: 'user-3', type: 'access' },
+      'change-this-to-another-random-secret-key',
+      { expiresIn: '7d' }
+    );
+
+    const payload = verifyRefreshToken(invalid);
+
+    expect(payload).toBeNull();
+  });
+
+  it('decodes tokens without verification', () => {
+    const token = generateAccessToken({
+      sub: 'user-4',
+      plexId: 'plex-4',
+      username: 'user',
+      role: 'user',
+    });
+
+    const decoded = decodeToken(token) as { sub?: string } | null;
+
+    expect(decoded?.sub).toBe('user-4');
+    expect(decodeToken('not-a-jwt')).toBeNull();
+  });
+});