fuomag9 a5c0df6a9c Add comprehensive API security E2E tests ...

Tests every /api/v1/ endpoint (86 endpoints × 4 auth levels = 316 tests):
- Unauthenticated requests → 401 on all endpoints
- User role → 403 on admin-only endpoints
- Viewer role → 403 on admin-only endpoints
- Admin role → allowed on all endpoints
- Cross-user isolation: users cannot access other users' profiles

Uses Bearer API tokens (created directly in DB) to avoid
Better Auth rate limiting during test execution.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-12 22:29:13 +02:00

..

dex

Replace next-auth with Better Auth, migrate DB columns to camelCase

2026-04-12 21:11:48 +02:00

e2e

Add comprehensive API security E2E tests

2026-04-12 22:29:13 +02:00

helpers

Add forward auth E2E tests with Dex OIDC provider

2026-04-09 21:10:28 +02:00

integration

Replace next-auth with Better Auth, migrate DB columns to camelCase

2026-04-12 21:11:48 +02:00

unit

Replace next-auth with Better Auth, migrate DB columns to camelCase

2026-04-12 21:11:48 +02:00

docker-compose.test.yml

Replace next-auth with Better Auth, migrate DB columns to camelCase

2026-04-12 21:11:48 +02:00

global-setup.ts

Migrate analytics from SQLite to ClickHouse

2026-04-10 00:05:38 +02:00

global-teardown.ts

Migrate analytics from SQLite to ClickHouse

2026-04-10 00:05:38 +02:00

playwright.config.ts

test: restrict mobile-iphone project to mobile tests only

2026-03-12 09:07:15 +01:00

setup.vitest.ts

added tests

2026-03-07 02:02:14 +01:00

vitest.config.ts

fix: use bun:sqlite in production, better-sqlite3 as test-only devDep

2026-03-21 11:53:33 +01:00