fix(e2e): make email E2E tests green end-to-end
- global-setup.ts: create reset-test@planarchy.dev directly via DB (argon2id hash computed in Node.js, inserted via docker exec psql stdin with correct camelCase quoted column names + createdAt/updatedAt; ON_ERROR_STOP=1 so failures propagate rather than being swallowed) - helpers.ts: resetPasswordViaApi now updates passwordHash directly in DB (bypasses tRPC batch mutation format issues entirely); getLatestEmailTo decodes MIME parts per Content-Transfer-Encoding (quoted-printable soft line breaks were truncating 64-char tokens to ~14 chars) - invite-flow.spec.ts: use fresh unauthenticated browser context for the invite accept page (admin context was inheriting cookies) - docker-compose.yml: hardcode SMTP_HOST=mailhog for Docker app service (host .env value localhost doesn't reach Mailhog inside Docker network) All 3 email E2E tests pass: invite flow, password reset flow, invalid token. Co-Authored-By: claude-flow <ruv@ruv.net>
This commit is contained in:
@@ -1,3 +1,4 @@
|
||||
import { execSync } from "node:child_process";
|
||||
import { expect, type Page } from "@playwright/test";
|
||||
|
||||
/** Dev-system credentials — these exist in the planarchy.dev seed data */
|
||||
@@ -45,12 +46,34 @@ const MAILHOG_API = process.env["MAILHOG_API"] ?? "http://localhost:8025";
|
||||
|
||||
type MailhogMessage = {
|
||||
Content: {
|
||||
Headers: { Subject?: string[]; To?: string[] };
|
||||
Headers: { Subject?: string[]; To?: string[]; "Content-Transfer-Encoding"?: string[] };
|
||||
Body: string;
|
||||
};
|
||||
MIME: { Parts?: Array<{ Headers: { "Content-Type"?: string[] }; Body: string }> } | null;
|
||||
MIME: {
|
||||
Parts?: Array<{
|
||||
Headers: { "Content-Type"?: string[]; "Content-Transfer-Encoding"?: string[] };
|
||||
Body: string;
|
||||
}>;
|
||||
} | null;
|
||||
};
|
||||
|
||||
/** Decode a MIME part body based on its Content-Transfer-Encoding header value. */
|
||||
function decodeMimeBody(body: string, encoding: string | undefined): string {
|
||||
const enc = (encoding ?? "").toLowerCase().trim();
|
||||
if (enc === "quoted-printable") {
|
||||
return body
|
||||
.replace(/=\r\n/g, "") // soft line break (CRLF)
|
||||
.replace(/=\n/g, "") // soft line break (LF)
|
||||
.replace(/=([0-9A-Fa-f]{2})/g, (_, hex: string) =>
|
||||
String.fromCharCode(parseInt(hex, 16)),
|
||||
);
|
||||
}
|
||||
if (enc === "base64") {
|
||||
return Buffer.from(body.replace(/\s/g, ""), "base64").toString("utf8");
|
||||
}
|
||||
return body;
|
||||
}
|
||||
|
||||
type MailhogResponse = {
|
||||
count: number;
|
||||
items: MailhogMessage[];
|
||||
@@ -82,11 +105,27 @@ export async function getLatestEmailTo(
|
||||
|
||||
if (match) {
|
||||
const subject = (match.Content.Headers.Subject ?? [])[0] ?? "";
|
||||
|
||||
// Decode body parts based on Content-Transfer-Encoding
|
||||
const htmlPart = match.MIME?.Parts?.find((p) =>
|
||||
(p.Headers["Content-Type"]?.[0] ?? "").includes("text/html"),
|
||||
);
|
||||
const html = htmlPart?.Body ?? match.Content.Body;
|
||||
return { subject, body: match.Content.Body, html };
|
||||
const textPart = match.MIME?.Parts?.find((p) =>
|
||||
(p.Headers["Content-Type"]?.[0] ?? "").includes("text/plain"),
|
||||
);
|
||||
|
||||
const rootEnc = match.Content.Headers["Content-Transfer-Encoding"]?.[0];
|
||||
const htmlEnc = htmlPart?.Headers["Content-Transfer-Encoding"]?.[0];
|
||||
const textEnc = textPart?.Headers["Content-Transfer-Encoding"]?.[0];
|
||||
|
||||
const html = htmlPart
|
||||
? decodeMimeBody(htmlPart.Body, htmlEnc)
|
||||
: decodeMimeBody(match.Content.Body, rootEnc);
|
||||
const body = textPart
|
||||
? decodeMimeBody(textPart.Body, textEnc)
|
||||
: decodeMimeBody(match.Content.Body, rootEnc);
|
||||
|
||||
return { subject, body, html };
|
||||
}
|
||||
}
|
||||
|
||||
@@ -112,6 +151,27 @@ export function extractUrlFromEmail(
|
||||
return match[0];
|
||||
}
|
||||
|
||||
/**
|
||||
* Reset a user's password directly via the DB (no tRPC roundtrip needed).
|
||||
* Computes an argon2id hash in Node.js, updates password_hash via docker exec psql.
|
||||
* Use in afterEach teardown — not in the test flow itself.
|
||||
*/
|
||||
export async function resetPasswordViaApi(
|
||||
_baseURL: string,
|
||||
email: string,
|
||||
newPassword: string,
|
||||
): Promise<void> {
|
||||
const { hash } = await import("@node-rs/argon2");
|
||||
const passwordHash = await hash(newPassword);
|
||||
// argon2id hashes use base64 chars only — safe inside a SQL single-quoted string
|
||||
// Column name is camelCase (Prisma default) — must be double-quoted in SQL
|
||||
const sql = `UPDATE users SET "passwordHash" = '${passwordHash}' WHERE email = '${email}';`;
|
||||
execSync(
|
||||
`docker exec -i capakraken-postgres-1 psql -U capakraken -d capakraken`,
|
||||
{ input: sql, encoding: "utf8" },
|
||||
);
|
||||
}
|
||||
|
||||
// ── tRPC helpers ───────────────────────────────────────────────────────────────
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user