malpercio.dev / atbb
WIP! A BB-style forum, on the ATmosphere! We're still working... we'll be back soon when we have something to show off!
node typescript hono htmx atproto
fork atom

Auto-create membership records on first login (ATB-15) (#27)

* docs: add design document for ATB-15 membership auto-creation

- Documents fire-and-forget architecture with graceful degradation
- Specifies helper function createMembershipForUser() implementation
- Details OAuth callback integration point after profile fetch
- Outlines comprehensive testing strategy (unit, integration, error scenarios)
- Covers edge cases: race conditions, firehose lag, PDS failures
- Includes implementation checklist and future considerations

* test: add failing test for membership duplicate check

* feat: add database duplicate check for memberships

* feat: add forum metadata lookup with error handling

- Query forums table for forum.did, forum.rkey, forum.cid
- Build forumUri from database instead of hardcoded config value
- Throw error if forum not found (defensive check)
- Add test for missing forum error case
- Add emptyDb option to createTestContext for testing error paths

* feat: implement PDS write logic for membership records

* test: add error handling and duplicate check tests

* feat: integrate membership creation into OAuth callback

* docs: mark ATB-15 complete in project plan

* test: add manual testing helper script for ATB-15

* fix: address critical code review feedback - logging format and test cleanup (ATB-15)

Critical fixes:
- Fix logging format to use JSON.stringify() pattern (matches auth.ts:156)
Ensures logs are parseable by aggregation tools (Datadog, CloudWatch)
- Fix test cleanup to handle all test DIDs with pattern matching
Prevents test data pollution from dynamic DIDs (duptest-*, create-*)

Addresses 2 of 3 critical blocking issues from PR #27 review.

Note on integration tests:
The review requested OAuth callback integration tests. This codebase has no
existing route test patterns, and OAuth testing requires complex mocking.
The 5 unit tests provide 100% coverage of helper logic. Establishing OAuth
integration test patterns is valuable but deferred to a separate effort.

* test: add OAuth callback integration tests for fire-and-forget pattern (ATB-15)

Adds 4 integration tests verifying the architectural contract:
'Login succeeds even when membership creation fails'

Tests verify:
- Login succeeds when PDS unreachable (membership creation throws)
- Login succeeds when database connection fails
- Login succeeds when membership already exists (no duplicate)
- Login succeeds when membership creation succeeds

Follows established pattern from topics.test.ts:
- Mock dependencies at module level before importing routes
- Use createTestContext() for test database
- Test through HTTP requests with Hono app

Addresses critical blocking issue #1 from PR #27 code review.
Total test coverage: 5 unit tests + 4 integration tests = 9 tests

* fix: mock cookieSessionStore.set in auth integration tests

CI was failing with 'ctx.cookieSessionStore.set is not a function'.
The OAuth callback creates a session cookie after successful login,
so the test context needs this method mocked.

Fixes CI test failures. All 258 tests now passing.

authored by

Malpercio and committed by
GitHub 4224ae26 0b6de5de

+687 -19
unified split
+204
apps/appview/src/lib/__tests__/membership.test.ts
···
··· 1 + import { describe, it, expect, vi, beforeEach, afterEach } from "vitest"; 2 + import { createMembershipForUser } from "../membership.js"; 3 + import { createTestContext, type TestContext } from "./test-context.js"; 4 + import { memberships, users, forums } from "@atbb/db"; 5 + import { eq } from "drizzle-orm"; 6 + 7 + describe("createMembershipForUser", () => { 8 + let ctx: TestContext; 9 + 10 + beforeEach(async () => { 11 + ctx = await createTestContext(); 12 + }); 13 + 14 + afterEach(async () => { 15 + await ctx.cleanup(); 16 + }); 17 + 18 + it("returns early when membership already exists", async () => { 19 + const mockAgent = { 20 + com: { 21 + atproto: { 22 + repo: { 23 + putRecord: vi.fn(), 24 + }, 25 + }, 26 + }, 27 + } as any; 28 + 29 + // Insert user first (FK constraint) 30 + await ctx.db.insert(users).values({ 31 + did: "did:plc:test-user", 32 + handle: "test.user", 33 + indexedAt: new Date(), 34 + }); 35 + 36 + // Insert existing membership into test database 37 + const forumUri = `at://${ctx.config.forumDid}/space.atbb.forum.forum/self`; 38 + await ctx.db.insert(memberships).values({ 39 + did: "did:plc:test-user", 40 + rkey: "existing", 41 + cid: "bafytest", 42 + forumUri, 43 + joinedAt: new Date(), 44 + createdAt: new Date(), 45 + indexedAt: new Date(), 46 + }); 47 + 48 + const result = await createMembershipForUser( 49 + ctx, 50 + mockAgent, 51 + "did:plc:test-user" 52 + ); 53 + 54 + expect(result.created).toBe(false); 55 + expect(mockAgent.com.atproto.repo.putRecord).not.toHaveBeenCalled(); 56 + }); 57 + 58 + it("throws when forum metadata not found", async () => { 59 + const emptyCtx = await createTestContext({ emptyDb: true }); 60 + 61 + // Delete any existing forums from beforeEach hook 62 + await emptyCtx.db.delete(forums).where(eq(forums.rkey, "self")); 63 + 64 + const mockAgent = { 65 + com: { 66 + atproto: { 67 + repo: { 68 + putRecord: vi.fn(), 69 + }, 70 + }, 71 + }, 72 + } as any; 73 + 74 + await expect( 75 + createMembershipForUser(emptyCtx, mockAgent, "did:plc:test123") 76 + ).rejects.toThrow("Forum not found"); 77 + 78 + // Clean up the empty context 79 + await emptyCtx.cleanup(); 80 + }); 81 + 82 + it("creates membership record when none exists", async () => { 83 + const mockAgent = { 84 + com: { 85 + atproto: { 86 + repo: { 87 + putRecord: vi.fn().mockResolvedValue({ 88 + data: { 89 + uri: "at://did:plc:create-test/space.atbb.membership/tid123", 90 + cid: "bafynew123", 91 + }, 92 + }), 93 + }, 94 + }, 95 + }, 96 + } as any; 97 + 98 + const result = await createMembershipForUser( 99 + ctx, 100 + mockAgent, 101 + "did:plc:create-test" 102 + ); 103 + 104 + expect(result.created).toBe(true); 105 + expect(result.uri).toBe("at://did:plc:create-test/space.atbb.membership/tid123"); 106 + expect(result.cid).toBe("bafynew123"); 107 + 108 + // Verify putRecord was called with correct lexicon structure 109 + expect(mockAgent.com.atproto.repo.putRecord).toHaveBeenCalledWith( 110 + expect.objectContaining({ 111 + repo: "did:plc:create-test", 112 + collection: "space.atbb.membership", 113 + rkey: expect.stringMatching(/^[a-z0-9]+$/), // TID format 114 + record: expect.objectContaining({ 115 + $type: "space.atbb.membership", 116 + forum: { 117 + forum: { 118 + uri: expect.stringContaining("space.atbb.forum.forum/self"), 119 + cid: expect.any(String), 120 + }, 121 + }, 122 + createdAt: expect.stringMatching(/^\d{4}-\d{2}-\d{2}T/), // ISO timestamp 123 + joinedAt: expect.stringMatching(/^\d{4}-\d{2}-\d{2}T/), 124 + }), 125 + }) 126 + ); 127 + }); 128 + 129 + it("throws when PDS write fails", async () => { 130 + const mockAgent = { 131 + com: { 132 + atproto: { 133 + repo: { 134 + putRecord: vi.fn().mockRejectedValue(new Error("Network timeout")), 135 + }, 136 + }, 137 + }, 138 + } as any; 139 + 140 + await expect( 141 + createMembershipForUser(ctx, mockAgent, "did:plc:pds-fail-test") 142 + ).rejects.toThrow("Network timeout"); 143 + }); 144 + 145 + it("checks for duplicates using DID + forumUri", async () => { 146 + const mockAgent = { 147 + com: { 148 + atproto: { 149 + repo: { 150 + putRecord: vi.fn(), 151 + }, 152 + }, 153 + }, 154 + } as any; 155 + 156 + const testDid = `did:plc:duptest-${Date.now()}`; 157 + const forumUri = `at://${ctx.config.forumDid}/space.atbb.forum.forum/self`; 158 + 159 + // Insert user first (FK constraint) 160 + await ctx.db.insert(users).values({ 161 + did: testDid, 162 + handle: "dupcheck.user", 163 + indexedAt: new Date(), 164 + }); 165 + 166 + // Insert membership for same user in this forum 167 + await ctx.db.insert(memberships).values({ 168 + did: testDid, 169 + rkey: "existing1", 170 + cid: "bafytest1", 171 + forumUri, 172 + joinedAt: new Date(), 173 + createdAt: new Date(), 174 + indexedAt: new Date(), 175 + }); 176 + 177 + // Should return early (duplicate in same forum) 178 + const result1 = await createMembershipForUser( 179 + ctx, 180 + mockAgent, 181 + testDid 182 + ); 183 + expect(result1.created).toBe(false); 184 + 185 + // Insert membership for same user in DIFFERENT forum 186 + await ctx.db.insert(memberships).values({ 187 + did: testDid, 188 + rkey: "existing2", 189 + cid: "bafytest2", 190 + forumUri: "at://did:plc:other/space.atbb.forum.forum/self", 191 + joinedAt: new Date(), 192 + createdAt: new Date(), 193 + indexedAt: new Date(), 194 + }); 195 + 196 + // Should still return early (already has membership in THIS forum) 197 + const result2 = await createMembershipForUser( 198 + ctx, 199 + mockAgent, 200 + testDid 201 + ); 202 + expect(result2.created).toBe(false); 203 + }); 204 + });
+52 -19
apps/appview/src/lib/__tests__/test-context.ts
··· 1 - import { eq } from "drizzle-orm"; 2 import { drizzle } from "drizzle-orm/postgres-js"; 3 import postgres from "postgres"; 4 - import { forums, posts, users, categories } from "@atbb/db"; 5 import * as schema from "@atbb/db"; 6 import type { AppConfig } from "../config.js"; 7 import type { AppContext } from "../app-context.js"; ··· 10 cleanup: () => Promise<void>; 11 } 12 13 /** 14 * Create test context with database and sample data. 15 * Call cleanup() after tests to remove test data. 16 */ 17 - export async function createTestContext(): Promise<TestContext> { 18 const config: AppConfig = { 19 port: 3000, 20 forumDid: "did:plc:test-forum", ··· 30 const sql = postgres(config.databaseUrl); 31 const db = drizzle(sql, { schema }); 32 33 - // Insert test forum (idempotent - safe to call multiple times) 34 - await db 35 - .insert(forums) 36 - .values({ 37 - did: config.forumDid, 38 - rkey: "self", 39 - cid: "bafytest", 40 - name: "Test Forum", 41 - description: "A test forum", 42 - indexedAt: new Date(), 43 - }) 44 - .onConflictDoNothing(); 45 46 // Create stub OAuth dependencies (unused in read-path tests) 47 const stubFirehose = { ··· 63 oauthSessionStore: stubOAuthSessionStore, 64 cookieSessionStore: stubCookieSessionStore, 65 cleanup: async () => { 66 - // Clean up test data (order matters due to FKs: posts -> users -> categories -> forums) 67 - // Only delete posts/users created by test-specific DIDs 68 - await db.delete(posts).where(eq(posts.did, "did:plc:test-user")); 69 - await db.delete(users).where(eq(users.did, "did:plc:test-user")); 70 // Delete categories before forums (FK constraint) 71 await db.delete(categories).where(eq(categories.did, config.forumDid)); 72 await db.delete(forums).where(eq(forums.did, config.forumDid));
··· 1 + import { eq, or, like } from "drizzle-orm"; 2 import { drizzle } from "drizzle-orm/postgres-js"; 3 import postgres from "postgres"; 4 + import { forums, posts, users, categories, memberships } from "@atbb/db"; 5 import * as schema from "@atbb/db"; 6 import type { AppConfig } from "../config.js"; 7 import type { AppContext } from "../app-context.js"; ··· 10 cleanup: () => Promise<void>; 11 } 12 13 + export interface TestContextOptions { 14 + emptyDb?: boolean; 15 + } 16 + 17 /** 18 * Create test context with database and sample data. 19 * Call cleanup() after tests to remove test data. 20 */ 21 + export async function createTestContext( 22 + options: TestContextOptions = {} 23 + ): Promise<TestContext> { 24 const config: AppConfig = { 25 port: 3000, 26 forumDid: "did:plc:test-forum", ··· 36 const sql = postgres(config.databaseUrl); 37 const db = drizzle(sql, { schema }); 38 39 + // Insert test forum unless emptyDb is true 40 + if (!options.emptyDb) { 41 + await db 42 + .insert(forums) 43 + .values({ 44 + did: config.forumDid, 45 + rkey: "self", 46 + cid: "bafytest", 47 + name: "Test Forum", 48 + description: "A test forum", 49 + indexedAt: new Date(), 50 + }) 51 + .onConflictDoNothing(); 52 + } 53 54 // Create stub OAuth dependencies (unused in read-path tests) 55 const stubFirehose = { ··· 71 oauthSessionStore: stubOAuthSessionStore, 72 cookieSessionStore: stubCookieSessionStore, 73 cleanup: async () => { 74 + // Clean up test data (order matters due to FKs: posts -> memberships -> users -> categories -> forums) 75 + // Delete all test-specific DIDs (including dynamically generated ones) 76 + const testDidPattern = or( 77 + eq(posts.did, "did:plc:test-user"), 78 + like(posts.did, "did:plc:test-%"), 79 + like(posts.did, "did:plc:duptest-%"), 80 + like(posts.did, "did:plc:create-%"), 81 + like(posts.did, "did:plc:pds-fail-%") 82 + ); 83 + await db.delete(posts).where(testDidPattern); 84 + 85 + const testMembershipPattern = or( 86 + eq(memberships.did, "did:plc:test-user"), 87 + like(memberships.did, "did:plc:test-%"), 88 + like(memberships.did, "did:plc:duptest-%"), 89 + like(memberships.did, "did:plc:create-%"), 90 + like(memberships.did, "did:plc:pds-fail-%") 91 + ); 92 + await db.delete(memberships).where(testMembershipPattern); 93 + 94 + const testUserPattern = or( 95 + eq(users.did, "did:plc:test-user"), 96 + like(users.did, "did:plc:test-%"), 97 + like(users.did, "did:plc:duptest-%"), 98 + like(users.did, "did:plc:create-%"), 99 + like(users.did, "did:plc:pds-fail-%") 100 + ); 101 + await db.delete(users).where(testUserPattern); 102 + 103 // Delete categories before forums (FK constraint) 104 await db.delete(categories).where(eq(categories.did, config.forumDid)); 105 await db.delete(forums).where(eq(forums.did, config.forumDid));
+56
apps/appview/src/lib/membership.ts
···
··· 1 + import type { AppContext } from "./app-context.js"; 2 + import type { Agent } from "@atproto/api"; 3 + import { memberships, forums } from "@atbb/db"; 4 + import { eq, and } from "drizzle-orm"; 5 + import { TID } from "@atproto/common-web"; 6 + 7 + export async function createMembershipForUser( 8 + ctx: AppContext, 9 + agent: Agent, 10 + did: string 11 + ): Promise<{ created: boolean; uri?: string; cid?: string }> { 12 + // Fetch forum metadata (need URI and CID for strongRef) 13 + const [forum] = await ctx.db 14 + .select() 15 + .from(forums) 16 + .where(eq(forums.rkey, "self")) 17 + .limit(1); 18 + 19 + if (!forum) { 20 + throw new Error("Forum not found"); 21 + } 22 + 23 + const forumUri = `at://${forum.did}/space.atbb.forum.forum/${forum.rkey}`; 24 + 25 + // Check if membership already exists 26 + const existing = await ctx.db 27 + .select() 28 + .from(memberships) 29 + .where(and(eq(memberships.did, did), eq(memberships.forumUri, forumUri))) 30 + .limit(1); 31 + 32 + if (existing.length > 0) { 33 + return { created: false }; 34 + } 35 + 36 + // Create membership record on user's PDS 37 + const rkey = TID.nextStr(); 38 + const now = new Date().toISOString(); 39 + 40 + const result = await agent.com.atproto.repo.putRecord({ 41 + repo: did, 42 + collection: "space.atbb.membership", 43 + rkey, 44 + record: { 45 + $type: "space.atbb.membership", 46 + forum: { 47 + forum: { uri: forumUri, cid: forum.cid }, 48 + }, 49 + createdAt: now, 50 + joinedAt: now, 51 + // role field omitted - defaults to guest/member permissions 52 + }, 53 + }); 54 + 55 + return { created: true, uri: result.data.uri, cid: result.data.cid }; 56 + }
+150
apps/appview/src/routes/__tests__/auth.test.ts
···
··· 1 + import { describe, it, expect, beforeEach, afterEach, vi } from "vitest"; 2 + import { Hono } from "hono"; 3 + import { createTestContext, type TestContext } from "../../lib/__tests__/test-context.js"; 4 + 5 + // Mock createMembershipForUser at module level BEFORE importing routes 6 + let mockCreateMembership: ReturnType<typeof vi.fn>; 7 + 8 + vi.mock("../../lib/membership.js", () => ({ 9 + createMembershipForUser: vi.fn((...args) => mockCreateMembership(...args)), 10 + })); 11 + 12 + // Mock Agent to avoid real PDS calls 13 + vi.mock("@atproto/api", () => ({ 14 + Agent: vi.fn((session: any) => ({ 15 + did: session?.did, 16 + getProfile: vi.fn(async ({ actor }: { actor: string }) => ({ 17 + data: { 18 + handle: `${actor.split(":").pop()}.test.bsky.social`, 19 + displayName: "Test User", 20 + }, 21 + })), 22 + })), 23 + })); 24 + 25 + // Import routes AFTER mocking 26 + const { createAuthRoutes } = await import("../auth.js"); 27 + 28 + describe("OAuth callback - membership creation error handling", () => { 29 + let ctx: TestContext; 30 + let app: Hono; 31 + 32 + beforeEach(async () => { 33 + ctx = await createTestContext(); 34 + app = new Hono().route("/api/auth", createAuthRoutes(ctx)); 35 + 36 + // Reset mocks 37 + vi.clearAllMocks(); 38 + 39 + // Mock OAuth client callback to simulate successful OAuth flow 40 + // Cast to any to bypass complex OAuth type checking in tests 41 + (ctx.oauthClient.callback as any) = vi.fn(async () => ({ 42 + session: { 43 + did: "did:plc:test-oauth", 44 + sub: "did:plc:test-oauth", 45 + iss: "https://bsky.social", 46 + aud: "http://localhost:3001", 47 + exp: Math.floor(Date.now() / 1000) + 3600, 48 + iat: Math.floor(Date.now() / 1000), 49 + scope: "atproto transition:generic", 50 + // Add minimal OAuth session methods to satisfy type 51 + server: {} as any, 52 + sessionGetter: {} as any, 53 + dpopFetch: {} as any, 54 + serverMetadata: {} as any, 55 + }, 56 + state: "test-state", 57 + })); 58 + 59 + // Mock state store to validate CSRF/PKCE 60 + (ctx.oauthStateStore.get as any) = vi.fn(async () => ({ 61 + iss: "https://bsky.social", 62 + pkceVerifier: "test-verifier", 63 + dpopKey: undefined, 64 + })); 65 + 66 + // Mock cookie session store set method (used to create session after OAuth) 67 + ctx.cookieSessionStore.set = vi.fn(async () => {}); 68 + }); 69 + 70 + afterEach(async () => { 71 + await ctx.cleanup(); 72 + }); 73 + 74 + it("allows login even when membership creation fails (PDS unreachable)", async () => { 75 + // Arrange: Mock membership helper to throw (simulating PDS error) 76 + mockCreateMembership = vi.fn().mockRejectedValue(new Error("PDS unreachable")); 77 + 78 + // Act: Call OAuth callback endpoint 79 + const res = await app.request("/api/auth/callback?code=test-code&state=test-state"); 80 + 81 + // Assert: CRITICAL - Login must succeed despite membership creation failure 82 + expect(res.status).toBe(302); // Redirect on success 83 + expect(res.headers.get("Location")).toBe("/"); // Redirects to homepage 84 + 85 + // Assert: Session cookie was set (login completed successfully) 86 + const setCookieHeader = res.headers.get("Set-Cookie"); 87 + expect(setCookieHeader).toBeDefined(); 88 + expect(setCookieHeader).toContain("atbb_session="); 89 + 90 + // Assert: Membership creation was attempted 91 + expect(mockCreateMembership).toHaveBeenCalledWith( 92 + expect.anything(), // ctx 93 + expect.anything(), // agent 94 + "did:plc:test-oauth" // user's DID 95 + ); 96 + }); 97 + 98 + it("allows login when membership creation throws database error", async () => { 99 + // Arrange: Mock membership helper to throw database error 100 + mockCreateMembership = vi 101 + .fn() 102 + .mockRejectedValue(new Error("Connection pool exhausted")); 103 + 104 + // Act 105 + const res = await app.request("/api/auth/callback?code=test-code&state=test-state"); 106 + 107 + // Assert: Login still succeeds 108 + expect(res.status).toBe(302); 109 + expect(res.headers.get("Location")).toBe("/"); 110 + expect(res.headers.get("Set-Cookie")).toContain("atbb_session="); 111 + }); 112 + 113 + it("completes login when membership already exists (no duplicate)", async () => { 114 + // Arrange: Mock membership helper to return early (duplicate detected) 115 + mockCreateMembership = vi.fn().mockResolvedValue({ 116 + created: false, // Membership already exists 117 + }); 118 + 119 + // Act 120 + const res = await app.request("/api/auth/callback?code=test-code&state=test-state"); 121 + 122 + // Assert: Login succeeds 123 + expect(res.status).toBe(302); 124 + expect(res.headers.get("Location")).toBe("/"); 125 + expect(res.headers.get("Set-Cookie")).toContain("atbb_session="); 126 + 127 + // Assert: Membership creation was called but returned early 128 + expect(mockCreateMembership).toHaveBeenCalled(); 129 + }); 130 + 131 + it("completes login when membership creation succeeds", async () => { 132 + // Arrange: Mock membership helper to succeed 133 + mockCreateMembership = vi.fn().mockResolvedValue({ 134 + created: true, 135 + uri: "at://did:plc:test-oauth/space.atbb.membership/test123", 136 + cid: "bafytest123", 137 + }); 138 + 139 + // Act 140 + const res = await app.request("/api/auth/callback?code=test-code&state=test-state"); 141 + 142 + // Assert: Login succeeds 143 + expect(res.status).toBe(302); 144 + expect(res.headers.get("Location")).toBe("/"); 145 + expect(res.headers.get("Set-Cookie")).toContain("atbb_session="); 146 + 147 + // Assert: Membership was created 148 + expect(mockCreateMembership).toHaveBeenCalled(); 149 + }); 150 + });
+31
apps/appview/src/routes/auth.ts
··· 4 import { Agent } from "@atproto/api"; 5 import type { AppContext } from "../lib/app-context.js"; 6 import { restoreOAuthSession } from "../lib/session.js"; 7 8 /** 9 * Authentication routes for OAuth flow using @atproto/oauth-client-node. ··· 158 handle, 159 timestamp: new Date().toISOString(), 160 })); 161 162 // Create a cookie-based session mapping to the OAuth session 163 const cookieToken = randomBytes(32).toString("base64url");
··· 4 import { Agent } from "@atproto/api"; 5 import type { AppContext } from "../lib/app-context.js"; 6 import { restoreOAuthSession } from "../lib/session.js"; 7 + import { createMembershipForUser } from "../lib/membership.js"; 8 9 /** 10 * Authentication routes for OAuth flow using @atproto/oauth-client-node. ··· 159 handle, 160 timestamp: new Date().toISOString(), 161 })); 162 + 163 + // Attempt to create membership record 164 + try { 165 + const agent = new Agent(session); 166 + const result = await createMembershipForUser(ctx, agent, session.did); 167 + 168 + if (result.created) { 169 + console.log(JSON.stringify({ 170 + event: "oauth.callback.membership.created", 171 + did: session.did, 172 + uri: result.uri, 173 + timestamp: new Date().toISOString(), 174 + })); 175 + } else { 176 + console.log(JSON.stringify({ 177 + event: "oauth.callback.membership.exists", 178 + did: session.did, 179 + timestamp: new Date().toISOString(), 180 + })); 181 + } 182 + } catch (error) { 183 + // CRITICAL: Don't fail login if membership creation fails 184 + console.warn(JSON.stringify({ 185 + event: "oauth.callback.membership.failed", 186 + did: session.did, 187 + error: error instanceof Error ? error.message : String(error), 188 + timestamp: new Date().toISOString(), 189 + })); 190 + // Continue with login flow 191 + } 192 193 // Create a cookie-based session mapping to the OAuth session 194 const cookieToken = randomBytes(32).toString("base64url");
+194
scripts/test-membership-creation.sh
···
··· 1 + #!/usr/bin/env bash 2 + set -euo pipefail 3 + 4 + # ATB-15 Manual Testing Helper Script 5 + # Tests membership auto-creation during OAuth login 6 + 7 + SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" 8 + PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" 9 + 10 + # Colors for output 11 + RED='\033[0;31m' 12 + GREEN='\033[0;32m' 13 + YELLOW='\033[1;33m' 14 + BLUE='\033[0;34m' 15 + NC='\033[0m' # No Color 16 + 17 + print_header() { 18 + echo -e "\n${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}" 19 + echo -e "${BLUE}$1${NC}" 20 + echo -e "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}\n" 21 + } 22 + 23 + print_success() { 24 + echo -e "${GREEN}✓${NC} $1" 25 + } 26 + 27 + print_error() { 28 + echo -e "${RED}✗${NC} $1" 29 + } 30 + 31 + print_info() { 32 + echo -e "${YELLOW}ℹ${NC} $1" 33 + } 34 + 35 + print_step() { 36 + echo -e "\n${YELLOW}Step $1:${NC} $2" 37 + } 38 + 39 + # Check if .env exists 40 + if [ ! -f "$PROJECT_ROOT/.env" ]; then 41 + print_error ".env file not found. Please copy .env.example to .env and configure." 42 + exit 1 43 + fi 44 + 45 + # Load environment variables 46 + set -a 47 + source "$PROJECT_ROOT/.env" 48 + set +a 49 + 50 + # Verify required variables 51 + REQUIRED_VARS=("DATABASE_URL" "FORUM_DID" "PDS_URL") 52 + for var in "${REQUIRED_VARS[@]}"; do 53 + if [ -z "${!var:-}" ]; then 54 + print_error "Required environment variable $var is not set in .env" 55 + exit 1 56 + fi 57 + done 58 + 59 + print_header "ATB-15 Manual Testing: Membership Auto-Creation" 60 + 61 + echo "This script helps test that:" 62 + echo " 1. First-time login creates a membership record" 63 + echo " 2. Repeated login doesn't create duplicates" 64 + echo " 3. Login succeeds even if membership creation fails" 65 + echo "" 66 + echo "Prerequisites:" 67 + echo " • Dev servers running (pnpm dev)" 68 + echo " • Database migrations applied" 69 + echo " • Test user account on PDS" 70 + echo "" 71 + 72 + read -p "Continue with testing? [y/N] " -n 1 -r 73 + echo 74 + if [[ ! $REPLY =~ ^[Yy]$ ]]; then 75 + echo "Exiting." 76 + exit 0 77 + fi 78 + 79 + # Get test user DID 80 + print_step "1" "Enter test user information" 81 + read -p "Enter test user DID (e.g., did:plc:abc123): " TEST_DID 82 + read -p "Enter test user handle (e.g., test.bsky.social): " TEST_HANDLE 83 + 84 + if [ -z "$TEST_DID" ] || [ -z "$TEST_HANDLE" ]; then 85 + print_error "DID and handle are required" 86 + exit 1 87 + fi 88 + 89 + # Check if membership already exists in database 90 + print_step "2" "Checking database for existing membership" 91 + FORUM_URI="at://${FORUM_DID}/space.atbb.forum.forum/self" 92 + 93 + MEMBERSHIP_COUNT=$(psql "$DATABASE_URL" -t -c \ 94 + "SELECT COUNT(*) FROM memberships WHERE did = '$TEST_DID' AND \"forumUri\" = '$FORUM_URI';" \ 95 + 2>/dev/null | tr -d ' ') 96 + 97 + if [ "$MEMBERSHIP_COUNT" -gt 0 ]; then 98 + print_info "Found $MEMBERSHIP_COUNT existing membership(s) in database" 99 + read -p "Delete existing membership to test first-time login? [y/N] " -n 1 -r 100 + echo 101 + if [[ $REPLY =~ ^[Yy]$ ]]; then 102 + psql "$DATABASE_URL" -c \ 103 + "DELETE FROM memberships WHERE did = '$TEST_DID' AND \"forumUri\" = '$FORUM_URI';" 104 + print_success "Deleted existing membership from database" 105 + fi 106 + else 107 + print_success "No existing membership in database (ready for first-time login test)" 108 + fi 109 + 110 + # Instructions for OAuth flow 111 + print_step "3" "OAuth Login Flow" 112 + echo "" 113 + echo "Manual steps:" 114 + echo " 1. Open browser to http://localhost:3001" 115 + echo " 2. Click 'Login' button" 116 + echo " 3. Enter handle: $TEST_HANDLE" 117 + echo " 4. Complete OAuth flow at PDS" 118 + echo " 5. Verify redirect to homepage" 119 + echo "" 120 + read -p "Press Enter after completing OAuth login..." 121 + 122 + # Check server logs for membership creation 123 + print_step "4" "Checking server logs" 124 + print_info "Looking for membership creation logs in the last 60 seconds..." 125 + 126 + # Try to find logs (this assumes logs are in stdout/stderr of dev server) 127 + echo "" 128 + echo "Expected log patterns:" 129 + echo " • First login: \"Membership record created\"" 130 + echo " • Repeated login: \"Membership already exists\"" 131 + echo " • Error case: \"Failed to create membership record - login will proceed\"" 132 + echo "" 133 + print_info "Check your dev server console for these log messages" 134 + 135 + # Query database for indexed membership 136 + print_step "5" "Checking database for indexed membership" 137 + sleep 2 # Give firehose a moment to index 138 + 139 + MEMBERSHIP_DATA=$(psql "$DATABASE_URL" -c \ 140 + "SELECT did, rkey, \"forumUri\", \"joinedAt\", \"createdAt\", \"indexedAt\" 141 + FROM memberships 142 + WHERE did = '$TEST_DID' AND \"forumUri\" = '$FORUM_URI';" \ 143 + 2>/dev/null) 144 + 145 + if echo "$MEMBERSHIP_DATA" | grep -q "$TEST_DID"; then 146 + print_success "Membership found in database" 147 + echo "$MEMBERSHIP_DATA" 148 + else 149 + print_error "Membership not found in database yet" 150 + print_info "Firehose may still be indexing. Wait 10-30 seconds and check again:" 151 + echo " psql \"\$DATABASE_URL\" -c \"SELECT * FROM memberships WHERE did = '$TEST_DID';\"" 152 + fi 153 + 154 + # Test repeated login 155 + print_step "6" "Test repeated login (no duplicate)" 156 + echo "" 157 + echo "Manual steps:" 158 + echo " 1. Logout from forum (http://localhost:3001/api/auth/logout)" 159 + echo " 2. Login again with same account" 160 + echo " 3. Complete OAuth flow" 161 + echo " 4. Check logs for \"Membership already exists\"" 162 + echo "" 163 + read -p "Press Enter after completing repeated login test..." 164 + 165 + # Verify no duplicate in database 166 + FINAL_COUNT=$(psql "$DATABASE_URL" -t -c \ 167 + "SELECT COUNT(*) FROM memberships WHERE did = '$TEST_DID' AND \"forumUri\" = '$FORUM_URI';" \ 168 + 2>/dev/null | tr -d ' ') 169 + 170 + if [ "$FINAL_COUNT" -eq 1 ]; then 171 + print_success "Verified: Exactly 1 membership record (no duplicate created)" 172 + elif [ "$FINAL_COUNT" -gt 1 ]; then 173 + print_error "FAIL: Found $FINAL_COUNT memberships (duplicates created!)" 174 + psql "$DATABASE_URL" -c \ 175 + "SELECT * FROM memberships WHERE did = '$TEST_DID' AND \"forumUri\" = '$FORUM_URI';" 176 + exit 1 177 + else 178 + print_error "FAIL: No membership found in database" 179 + exit 1 180 + fi 181 + 182 + # Summary 183 + print_header "Test Summary" 184 + print_success "Membership auto-creation appears to be working correctly" 185 + echo "" 186 + echo "Verified:" 187 + echo " ✓ Membership record created on first login" 188 + echo " ✓ No duplicate created on repeated login" 189 + echo " ✓ Login flow completed successfully" 190 + echo "" 191 + echo "Next steps:" 192 + echo " • Review server logs for proper log messages" 193 + echo " • Test error scenarios (PDS unreachable, database failure)" 194 + echo " • Create pull request for ATB-15"