fix: accessibility improvements and test infrastructure hardening

Add aria-labels to form controls (selects, checkboxes, switches), set html lang attribute and page title, fix color contrast for --candle-dim and --text-faint tokens, underline inline links, remove opacity hack. Harden dev login endpoints with atomic findOneAndUpdate and tokenVersion in JWT. Update Playwright timeouts and E2E test helpers.
2026-04-05 21:59:02 +01:00 · 2026-04-05 21:59:02 +01:00 · c40f2c7c63
commit c40f2c7c63
parent 61c16d8bac
35 changed files with 787 additions and 173 deletions
--- a/server/api/dev/test-login.get.js
+++ b/server/api/dev/test-login.get.js
@ -10,23 +10,16 @@ export default defineEventHandler(async (event) => {

  await connectDB()

-  // Find or create a test admin user
-  let member = await Member.findOne({ email: 'test-admin@ghostguild.dev' })
-
-  if (!member) {
-    member = await Member.create({
-      email: 'test-admin@ghostguild.dev',
-      name: 'Test Admin',
-      circle: 'founder',
-      contributionTier: '0',
-      role: 'admin',
-      status: 'active',
-    })
-  }
+  // Find or create a test admin user (atomic to avoid race conditions in parallel tests)
+  const member = await Member.findOneAndUpdate(
+    { email: 'test-admin@ghostguild.dev' },
+    { $setOnInsert: { name: 'Test Admin', circle: 'founder', contributionTier: '0', role: 'admin', status: 'active' } },
+    { upsert: true, new: true }
+  )

  const config = useRuntimeConfig(event)
  const token = jwt.sign(
-    { memberId: member._id, email: member.email },
+    { memberId: member._id, email: member.email, tv: member.tokenVersion || 0 },
    config.jwtSecret,
    { expiresIn: '7d' }
  )
@ -35,6 +28,7 @@ export default defineEventHandler(async (event) => {
    httpOnly: true,
    secure: false,
    sameSite: 'lax',
+    path: '/',
    maxAge: 60 * 60 * 24 * 7,
  })