solelog/apps/api/test/me.test.ts

import { describe, it, expect } from 'vitest';
import { createApp } from '../src/app';
import { authToken, bearer } from './helpers';

describe('GET /api/me', () => {
  it('rejects an unauthenticated request', async () => {
    const app = createApp();
    const res = await app.request('/api/me');
    expect(res.status).toBe(401);
  });

  it('returns the user for a valid bearer token (create -> sign-in -> me)', async () => {
    const app = createApp();
    const email = 'me@example.com';
    const token = await authToken(app, email);

    const res = await app.request('/api/me', { headers: bearer(token) });
    expect(res.status).toBe(200);
    const body = await res.json();
    expect(body.user.email).toBe(email);
  });

  it('returns role "worker" for a worker token', async () => {
    const app = createApp();
    const token = await authToken(app, 'worker-role@example.com', 'worker');

    const res = await app.request('/api/me', { headers: bearer(token) });
    expect(res.status).toBe(200);
    const body = await res.json();
    expect(body.user.role).toBe('worker');
  });

  it('returns role "admin" for an admin token', async () => {
    const app = createApp();
    const token = await authToken(app, 'admin-role@example.com', 'admin');

    const res = await app.request('/api/me', { headers: bearer(token) });
    expect(res.status).toBe(200);
    const body = await res.json();
    expect(body.user.role).toBe('admin');
  });
});