feat(auth): enhance authentication system with multi-user support and admin role management

- Implemented multi-user authentication with role-based access control. - Added environment variables for initial admin user setup. - Updated README and example environment file with new authentication options. - Introduced user and system configuration models in the database schema. - Enhanced authentication middleware to support user registration and role management. - Updated frontend to handle new authentication flows, including admin user creation and role updates.
2026-01-18 09:43:32 -08:00
parent 20ef4ee295
commit 1a52fe80f3
27 changed files with 1692 additions and 237 deletions
@@ -1,17 +1,27 @@
 import { defineConfig, devices } from "@playwright/test";
+import path from "path";
+import os from "os";

 // Centralized test environment URLs
 const FRONTEND_PORT = 5173;
 const BACKEND_PORT = 8000;
 const FRONTEND_URL = process.env.BASE_URL || `http://localhost:${FRONTEND_PORT}`;
-const BACKEND_URL = process.env.API_URL || http://localhost:${BACKEND_PORT}`;
+const BACKEND_URL = process.env.API_URL || `http://localhost:${BACKEND_PORT}`;
+const API_URL = BACKEND_URL;
 const AUTH_USERNAME = process.env.AUTH_USERNAME || "admin";
-const AUTH_PASSWORD = process.env.AUTH_PASSWORD || "admin";
+const AUTH_PASSWORD = process.env.AUTH_PASSWORD || "admin123";
 const AUTH_SESSION_SECRET = process.env.AUTH_SESSION_SECRET || "e2e-auth-secret";
+const E2E_DB_NAME = process.env.E2E_DB_NAME || `e2e-${Date.now()}.db`;
+const DATABASE_URL = process.env.DATABASE_URL || `file:${path.join(os.tmpdir(), E2E_DB_NAME)}`;

 process.env.AUTH_USERNAME = AUTH_USERNAME;
 process.env.AUTH_PASSWORD = AUTH_PASSWORD;
 process.env.AUTH_SESSION_SECRET = AUTH_SESSION_SECRET;
+process.env.AUTH_EMAIL = process.env.AUTH_EMAIL || "admin@example.com";
+process.env.AUTH_MIN_PASSWORD_LENGTH = process.env.AUTH_MIN_PASSWORD_LENGTH || "7";
+process.env.E2E_DB_NAME = E2E_DB_NAME;
+process.env.DATABASE_URL = DATABASE_URL;
+process.env.VITE_API_URL = process.env.VITE_API_URL || "/api";

 /**
 * Playwright configuration for E2E browser testing
@@ -26,7 +36,7 @@ export default defineConfig({
  testDir: "./tests",

  // Run tests in parallel
-  fullyParallel: true,
+  fullyParallel: false,

  // Fail the build on test.only() in CI
  forbidOnly: !!process.env.CI,
@@ -35,7 +45,7 @@ export default defineConfig({
  retries: process.env.CI ? 2 : 0,

  // Limit parallel workers in CI
-  workers: process.env.CI ? 1 : undefined,
+  workers: process.env.CI ? 1 : 1,

  // Reporter configuration
  reporter: [
@@ -65,6 +75,9 @@ export default defineConfig({
    // Base URL for page.goto()
    baseURL: FRONTEND_URL,

+    // Load shared auth state
+    storageState: path.resolve(__dirname, "tests/.auth/storageState.json"),
+
    // Collect trace on first retry
    trace: "on-first-retry",

@@ -90,32 +103,46 @@ export default defineConfig({
  ],

  // Run local dev servers before tests (skip if NO_SERVER or CI)
-  webServer: (process.env.CI || process.env.NO_SERVER === "true") ? undefined : [
-    {
-      command: "cd ../backend && npm run dev",
-      url: `${BACKEND_URL}/health`,
-      reuseExistingServer: true,
-      timeout: 120000,
-      stdout: "pipe",
-      stderr: "pipe",
-      env: {
-        // Prisma resolves relative SQLite paths from the schema directory (backend/prisma).
-        // Using `file:./dev.db` avoids accidentally creating `prisma/prisma/dev.db`.
-        DATABASE_URL: "file:./dev.db",
-        FRONTEND_URL,
-        CSRF_MAX_REQUESTS: "1000",
-        AUTH_USERNAME,
-        AUTH_PASSWORD,
-        AUTH_SESSION_SECRET,
-      },
-    },
-    {
-      command: "cd ../frontend && npm run dev -- --host",
-      url: FRONTEND_URL,
-      reuseExistingServer: true,
-      timeout: 120000,
-      stdout: "pipe",
-      stderr: "pipe",
-    },
-  ],
+  webServer: (process.env.CI || process.env.NO_SERVER === "true")
+    ? undefined
+    : [
+        {
+          command: "cd ../backend && npx prisma db push && npx ts-node src/index.ts",
+          url: `${BACKEND_URL}/health`,
+          reuseExistingServer: true,
+          timeout: 120000,
+          stdout: "pipe",
+          stderr: "pipe",
+          env: {
+            // Prisma resolves relative SQLite paths from the schema directory (backend/prisma).
+            DATABASE_URL,
+            FRONTEND_URL,
+            CSRF_MAX_REQUESTS: "10000",
+            AUTH_USERNAME,
+            AUTH_PASSWORD,
+            AUTH_MIN_PASSWORD_LENGTH: "7",
+            AUTH_SESSION_SECRET,
+            AUTH_SESSION_TTL_HOURS: "4",
+            RATE_LIMIT_MAX_REQUESTS: "20000",
+            NODE_ENV: "e2e",
+            TS_NODE_TRANSPILE_ONLY: "1",
+          },
+        },
+        {
+          command: "cd ../frontend && npm run dev -- --host",
+          url: FRONTEND_URL,
+          reuseExistingServer: true,
+          timeout: 120000,
+          stdout: "pipe",
+          stderr: "pipe",
+          env: {
+            VITE_API_URL: "/api",
+            API_URL,
+          },
+        },
+      ],
+
+  globalSetup: require.resolve("./tests/global-setup"),
+  globalTeardown: require.resolve("./tests/global-teardown"),
 });
+