refactor(auth): rename paymentBridge → signupBridge
After commit 90acc35 issued the cookie for $0 signups too, the "payment"
framing was wrong — there's no payment in a $0 signup. The cookie is
about bridging the gap between signup-form submit and email verify, not
about payment specifically.
Changes:
- setPaymentBridgeCookie → setSignupBridgeCookie
- getPaymentBridgeMember → getSignupBridgeMember
- Cookie wire name payment-bridge → signup-bridge
- JWT scope payment_bridge → signup_bridge
Touches both /api/helcim/subscription (signup activation) and
/api/helcim/initialize-payment (paid Helcim checkout) which both consume
the cookie. In-flight signup sessions started before this lands will
need to re-submit the form (cookie name mismatch); cutover hasn't
happened yet, so the only impact is local dev sessions.
This commit is contained in:
parent
c6a5e25d06
commit
9b79ae6bf4
8 changed files with 36 additions and 35 deletions
|
|
@ -3,7 +3,7 @@ import { describe, it, expect, vi, beforeEach } from 'vitest'
|
|||
import Member from '../../../server/models/member.js'
|
||||
import { createHelcimCustomer } from '../../../server/utils/helcim.js'
|
||||
import { sendMagicLink } from '../../../server/utils/magicLink.js'
|
||||
import { setAuthCookie, setPaymentBridgeCookie } from '../../../server/utils/auth.js'
|
||||
import { setAuthCookie, setSignupBridgeCookie } from '../../../server/utils/auth.js'
|
||||
import customerHandler from '../../../server/api/helcim/customer.post.js'
|
||||
import { resetRateLimit } from '../../../server/utils/rateLimit.js'
|
||||
import { createMockEvent } from '../helpers/createMockEvent.js'
|
||||
|
|
@ -24,7 +24,7 @@ vi.mock('../../../server/utils/magicLink.js', () => ({
|
|||
}))
|
||||
vi.mock('../../../server/utils/auth.js', () => ({
|
||||
setAuthCookie: vi.fn(),
|
||||
setPaymentBridgeCookie: vi.fn()
|
||||
setSignupBridgeCookie: vi.fn()
|
||||
}))
|
||||
|
||||
// helcimCustomerSchema is auto-imported in the handler — stub it to a passthrough
|
||||
|
|
@ -303,7 +303,7 @@ describe('POST /api/helcim/customer', () => {
|
|||
'guest@example.com',
|
||||
expect.objectContaining({ subject: 'Verify your Ghost Guild signup' })
|
||||
)
|
||||
expect(setPaymentBridgeCookie).toHaveBeenCalled()
|
||||
expect(setSignupBridgeCookie).toHaveBeenCalled()
|
||||
expect(setAuthCookie).not.toHaveBeenCalled()
|
||||
|
||||
// Response shape mirrors new-signup case AND surfaces the preserved _id.
|
||||
|
|
@ -365,7 +365,7 @@ describe('POST /api/helcim/customer', () => {
|
|||
)
|
||||
})
|
||||
|
||||
it('sets a payment-bridge cookie on paid-tier signup so checkout can proceed', async () => {
|
||||
it('sets a signup-bridge cookie on paid-tier signup so checkout can proceed', async () => {
|
||||
const event = build({
|
||||
body: {
|
||||
name: 'Paid User',
|
||||
|
|
@ -376,7 +376,7 @@ describe('POST /api/helcim/customer', () => {
|
|||
}
|
||||
})
|
||||
await customerHandler(event)
|
||||
expect(setPaymentBridgeCookie).toHaveBeenCalled()
|
||||
expect(setSignupBridgeCookie).toHaveBeenCalled()
|
||||
expect(sendMagicLink).toHaveBeenCalledWith(
|
||||
'paid@example.com',
|
||||
expect.objectContaining({ subject: 'Verify your Ghost Guild signup' })
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue