test: update auth and database tests for password hashing

- Refactor AvatarDropdown tests to use helper function pattern - Add ResetPasswordPage test coverage for form validation and submission - Update auth integration tests to verify bcrypt password handling - Fix database service tests to expect hashed passwords - Add proper mock setup for password verification scenarios
2025-10-16 13:16:00 -07:00
parent 7317616032
commit 6a6b48cbc5
4 changed files with 277 additions and 330 deletions
--- a/services/database/tests/DatabaseService.test.ts
+++ b/services/database/tests/DatabaseService.test.ts
@@ -12,10 +12,14 @@ jest.mock('../../../config/unified.config', () => ({
      baseUrl: 'http://localhost:3000',
    },
  },
+  getAuthConfig: jest.fn(() => ({ bcryptRounds: 4 })),
 }));

+const strategyMocks: Record<string, jest.Mock> = {};
+
 // Create mock strategy methods object
-const mockStrategyMethods = {
+const mockStrategyMethods = strategyMocks as Record<string, jest.Mock>;
+Object.assign(mockStrategyMethods, {
  createUser: jest.fn(),
  updateUser: jest.fn(),
  getUserById: jest.fn(),
@@ -36,17 +40,15 @@ const mockStrategyMethods = {
  updateCustomReminder: jest.fn(),
  getCustomReminders: jest.fn(),
  deleteCustomReminder: jest.fn(),
-};
+});

 // Mock the strategies
 jest.mock('../MockDatabaseStrategy', () => ({
-  MockDatabaseStrategy: jest.fn().mockImplementation(() => mockStrategyMethods),
+  MockDatabaseStrategy: jest.fn().mockImplementation(() => strategyMocks),
 }));

 jest.mock('../ProductionDatabaseStrategy', () => ({
-  ProductionDatabaseStrategy: jest
-    .fn()
-    .mockImplementation(() => mockStrategyMethods),
+  ProductionDatabaseStrategy: jest.fn().mockImplementation(() => strategyMocks),
 }));

 // Import after mocks are set up
@@ -390,18 +392,19 @@ describe('DatabaseService', () => {

      test('should support changeUserPassword method', async () => {
        const user = createMockUser();
-        const updatedUser = { ...user, password: 'newPassword' };
        mockStrategyMethods.getUserById.mockResolvedValue(user);
-        mockStrategyMethods.updateUser.mockResolvedValue(updatedUser);
+        mockStrategyMethods.updateUser.mockImplementation(
+          async updated => updated
+        );

        const result = await service.changeUserPassword('user1', 'newPassword');

        expect(mockStrategyMethods.getUserById).toHaveBeenCalledWith('user1');
-        expect(mockStrategyMethods.updateUser).toHaveBeenCalledWith({
-          ...user,
-          password: 'newPassword',
-        });
-        expect(result).toBe(updatedUser);
+        const updateCallArg = mockStrategyMethods.updateUser.mock.calls[0][0];
+        expect(updateCallArg._id).toBe(user._id);
+        expect(updateCallArg.password).not.toBe('newPassword');
+        expect(updateCallArg.password.startsWith('$2')).toBe(true);
+        expect(result.password).toBe(updateCallArg.password);
      });

      test('should support deleteAllUserData method', async () => {