Merge pull request #1265 from joshunrau/pw

adjust playwright setup for automatic authentication on app pages

Author: joshunrau

apps/api/src/core/decorators/throttle-login-request.decorator.ts

@@ -10,12 +10,14 @@ import { DEFAULT_LOGIN_REQUEST_THROTTLER_LIMIT, DEFAULT_LOGIN_REQUEST_THROTTLER_
 const LOGIN_REQUEST_THROTTLER_LIMIT = $NumberLike
   .pipe(z.number().int().positive())
   .default(DEFAULT_LOGIN_REQUEST_THROTTLER_LIMIT)
-  .parse(process.env.LOGIN_REQUEST_THROTTLER_LIMIT);
+  // eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
+  .parse(process.env.LOGIN_REQUEST_THROTTLER_LIMIT || undefined);
 
 const LOGIN_REQUEST_THROTTLER_TTL = $NumberLike
   .pipe(z.number().int().positive())
   .default(DEFAULT_LOGIN_REQUEST_THROTTLER_TTL)
-  .parse(process.env.LOGIN_REQUEST_THROTTLER_TTL);
+  // eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
+  .parse(process.env.LOGIN_REQUEST_THROTTLER_TTL || undefined);
 
 export function ThrottleLoginRequest() {
   return applyDecorators(

apps/web/src/store/slices/auth.slice.ts

@@ -5,23 +5,40 @@ import { jwtDecode } from 'jwt-decode';
 
 import type { AuthSlice, SliceCreator } from '../types';
 
-export const createAuthSlice: SliceCreator<AuthSlice> = (set) => ({
-  accessToken: null,
-  changeGroup: (group) => {
-    set({ currentGroup: group, currentSession: null });
-  },
-  currentGroup: null,
-  currentUser: null,
-  login: (accessToken) => {
-    const { groups, permissions, ...rest } = jwtDecode<TokenPayload>(accessToken);
-    const ability = createMongoAbility<PureAbility<[AppAction, AppSubjectName], any>>(permissions);
-    set({
-      accessToken,
-      currentGroup: groups[0],
-      currentUser: { ability, groups, ...rest }
-    });
-  },
-  logout: () => {
-    window.location.reload();
-  }
-});
+const parseAccessToken = (accessToken: string) => {
+  const { groups, permissions, ...rest } = jwtDecode<TokenPayload>(accessToken);
+  const ability = createMongoAbility<PureAbility<[AppAction, AppSubjectName], any>>(permissions);
+  return {
+    currentGroup: groups[0],
+    currentUser: {
+      ability,
+      groups,
+      ...rest
+    }
+  };
+};
+
+export const createAuthSlice: SliceCreator<AuthSlice> = (set) => {
+  const accessToken = window.__PLAYWRIGHT_ACCESS_TOKEN__ ?? null;
+  const initialState = accessToken ? parseAccessToken(accessToken) : null;
+
+  return {
+    accessToken,
+    changeGroup: (group) => {
+      set({ currentGroup: group, currentSession: null });
+    },
+    currentGroup: initialState?.currentGroup ?? null,
+    currentUser: initialState?.currentUser ?? null,
+    login: (accessToken) => {
+      const { currentGroup, currentUser } = parseAccessToken(accessToken);
+      set({
+        accessToken,
+        currentGroup,
+        currentUser
+      });
+    },
+    logout: () => {
+      window.location.reload();
+    }
+  };
+};

apps/web/src/vite-env.d.ts

@@ -27,4 +27,8 @@ interface ImportMeta {
   readonly env: ImportMetaEnv;
 }
 
+interface Window {
+  __PLAYWRIGHT_ACCESS_TOKEN__?: string;
+}
+
 declare const __RELEASE__: import('@opendatacapture/schemas/setup').ReleaseInfo;

testing/e2e/playwright.config.ts

@@ -1,9 +1,12 @@
+import * as crypto from 'node:crypto';
 import * as path from 'node:path';
 
 import { parseNumber, range, unwrap } from '@douglasneuroinformatics/libjs';
 import { defineConfig, devices } from '@playwright/test';
 import type { Project } from '@playwright/test';
 
+import { AUTH_STORAGE_DIR } from './src/helpers/constants';
+
 import type { BrowserTarget, ProjectMetadata } from './src/helpers/types';
 
 const apiPort = parseNumber(process.env.API_DEV_SERVER_PORT);
@@ -26,6 +29,8 @@ const browsers: { target: BrowserTarget; use: Project['use'] }[] = [
 ] as const;
 
 export default defineConfig({
+  globalSetup: path.resolve(import.meta.dirname, 'src/global/global.setup.ts'),
+  globalTeardown: path.resolve(import.meta.dirname, 'src/global/global.teardown.ts'),
   maxFailures: 1,
   outputDir: path.resolve(import.meta.dirname, '.playwright/output'),
   projects: [
@@ -46,9 +51,12 @@ export default defineConfig({
     },
     ...unwrap(range(1, 4)).flatMap((i) => {
       return browsers.map((browser) => {
+        const browserId = crypto.createHash('sha256').update(browser.target).digest('hex');
         return {
           dependencies: i === 1 ? ['Global Setup'] : [`${i - 1}.x - ${browser.target}`],
           metadata: {
+            authStorageFile: path.resolve(AUTH_STORAGE_DIR, `${browserId}.json`),
+            browserId,
             browserTarget: browser.target
           } satisfies ProjectMetadata,
           name: `${i}.x - ${browser.target}`,

testing/e2e/src/1.1-auth.spec.ts

@@ -1,10 +1,30 @@
+import { users } from './helpers/data';
 import { expect, test } from './helpers/fixtures';
 
-// no need to test the actual login here as it is tested on every other page
+import type { ProjectAuth } from './helpers/types';
 
 test.describe('redirects', () => {
   test('should redirect to login page from the index page', async ({ page }) => {
     await page.goto('/');
     await expect(page).toHaveURL('/auth/login');
   });
 });
+
+test.describe('login page', () => {
+  test('should allow logging in', async ({ getPageModel, getProjectMetadata, setProjectAuth }) => {
+    const credentials = users[getProjectMetadata('browserTarget')];
+    const loginPage = await getPageModel('/auth/login');
+    const loginResponsePromise = loginPage.$ref.waitForResponse((response) => {
+      return response.url().endsWith('/v1/auth/login') && response.status() === 200;
+    });
+
+    await loginPage.fillLoginForm(credentials);
+    await loginPage.expect.toHaveURL('/dashboard');
+
+    const response = await loginResponsePromise;
+    const body = await response.json();
+    expect(typeof body.accessToken).toBe('string');
+
+    await setProjectAuth({ accessToken: body.accessToken as string } satisfies ProjectAuth);
+  });
+});

testing/e2e/src/1.2-dashboard.spec.ts testing/e2e/src/2.1-dashboard.spec.tstesting/e2e/src/1.2-dashboard.spec.ts renamed to testing/e2e/src/2.1-dashboard.spec.ts

@@ -1,13 +1,8 @@
 import { expect, test } from './helpers/fixtures';
 
 test.describe('dashboard', () => {
-  test.beforeEach(async ({ login, page }) => {
-    await login();
-    await expect(page).toHaveURL('/dashboard');
-  });
-
   test('should display the dashboard header', async ({ getPageModel }) => {
-    const dashboardPage = getPageModel('/dashboard');
+    const dashboardPage = await getPageModel('/dashboard');
     await expect(dashboardPage.pageHeader).toBeVisible();
     await expect(dashboardPage.pageHeader).toContainText('Dashboard');
   });

testing/e2e/src/global/global.setup.spec.ts

@@ -13,8 +13,7 @@ test.describe.serial(() => {
       await expect(response.json()).resolves.toMatchObject({ isSetup: false });
     });
     test('should successfully setup', async ({ getPageModel }) => {
-      const setupPage = getPageModel('/setup');
-      await setupPage.goto('/setup');
+      const setupPage = await getPageModel('/setup');
       await setupPage.fillSetupForm(initAppOptions);
       await setupPage.expect.toHaveURL('/auth/login');
     });

testing/e2e/src/global/global.setup.ts

@@ -0,0 +1,11 @@
+import * as fs from 'node:fs';
+
+import type { FullConfig } from '@playwright/test';
+
+import { AUTH_STORAGE_DIR } from '../helpers/constants';
+
+export default function setup(_config: FullConfig) {
+  if (!fs.existsSync(AUTH_STORAGE_DIR)) {
+    fs.mkdirSync(AUTH_STORAGE_DIR, { recursive: true });
+  }
+}

testing/e2e/src/global/global.teardown.ts

@@ -0,0 +1,9 @@
+import * as fs from 'node:fs';
+
+import { AUTH_STORAGE_DIR } from '../helpers/constants';
+
+export default function teardown() {
+  if (fs.existsSync(AUTH_STORAGE_DIR)) {
+    fs.rmSync(AUTH_STORAGE_DIR, { force: true, recursive: true });
+  }
+}

testing/e2e/src/helpers/constants.ts

@@ -0,0 +1,3 @@
+import * as path from 'node:path';
+
+export const AUTH_STORAGE_DIR = path.resolve(import.meta.dirname, '../../.playwright/auth');