ghostguild-org/server/api/dev/test-login.get.js
Jennie Robinson Faber c40f2c7c63 fix: accessibility improvements and test infrastructure hardening
Add aria-labels to form controls (selects, checkboxes, switches), set
html lang attribute and page title, fix color contrast for --candle-dim
and --text-faint tokens, underline inline links, remove opacity hack.
Harden dev login endpoints with atomic findOneAndUpdate and tokenVersion
in JWT. Update Playwright timeouts and E2E test helpers.
2026-04-05 21:59:02 +01:00


import jwt from 'jsonwebtoken'
import Member from '../../models/member.js'
import { connectDB } from '../../utils/mongoose.js'
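// Environments in which the dev login shortcut may run. This is an allow-list
// so the gate fails closed: an unset or unexpected NODE_ENV (for example a
// staging deploy that never sets it to 'production') gets a 404 instead of an
// unauthenticated admin session.
const DEV_LOGIN_ENVS = new Set(['development', 'test'])

/**
 * GET /api/dev/test-login: development/test-only shortcut that signs the
 * caller in as a fixed test admin and redirects to /admin.
 *
 * The handler performs no authentication of its own; the environment gate
 * below is the only control in front of it. It upserts the test admin
 * member, signs a 7-day JWT for that member, and stores it in the
 * `auth-token` cookie.
 *
 * @param {object} event - The request event passed in by defineEventHandler.
 * @returns {Promise<void>} Resolves once the 302 redirect has been sent.
 * @throws 404 error (via createError) when NODE_ENV is not an allowed
 *   dev/test value, so the route looks nonexistent elsewhere.
 */
export default defineEventHandler(async (event) => {
  // Fail closed: anything other than an explicit dev/test environment is refused.
  if (!DEV_LOGIN_ENVS.has(process.env.NODE_ENV)) {
    throw createError({ statusCode: 404, statusMessage: 'Not found' })
  }

  await connectDB()

  // Find or create the test admin in one atomic upsert, so parallel test
  // workers cannot race each other into creating duplicates.
  // $setOnInsert only applies when the document is created; an existing
  // member with this email is returned unchanged.
  // NOTE(review): this writes an admin account to whatever database
  // connectDB() points at. Confirm dev/test never shares a database with
  // production.
  const member = await Member.findOneAndUpdate(
    { email: 'test-admin@ghostguild.dev' },
    {
      $setOnInsert: {
        name: 'Test Admin',
        circle: 'founder',
        contributionTier: '0',
        role: 'admin',
        status: 'active',
      },
    },
    { upsert: true, new: true }
  )

  // NOTE(review): the token is signed with the runtime jwtSecret. Dev/test
  // should use a secret distinct from production, otherwise a token minted
  // here would also verify there.
  const config = useRuntimeConfig(event)
  const token = jwt.sign(
    {
      memberId: member._id,
      email: member.email,
      // Token version, 0 when the member has none. Presumably compared on
      // verification so bumping tokenVersion revokes older tokens; confirm
      // against the auth middleware.
      tv: member.tokenVersion || 0,
    },
    config.jwtSecret,
    { expiresIn: '7d' }
  )

  setCookie(event, 'auth-token', token, {
    httpOnly: true,
    // secure: false lets the cookie travel over plain-HTTP localhost. That is
    // acceptable only because this handler is refused outside dev/test.
    secure: false,
    sameSite: 'lax',
    path: '/',
    // 7 days in seconds, matching the JWT's expiresIn.
    maxAge: 60 * 60 * 24 * 7,
  })

  await sendRedirect(event, '/admin', 302)
})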