@jmruthers/pace-core 0.5.73 → 0.5.75

package/src/services/__tests__/AuthService.test.ts

@@ -352,5 +352,293 @@ describe('AuthService', () => {
       await authService.signIn('test@example.com', 'password');
       expect(authService.getError()).toBeNull();
     });
+
+    it('should handle exceptions during sign in', async () => {
+      const exceptionError = new Error('Unexpected exception');
+      mockSupabase.auth.signInWithPassword.mockRejectedValue(exceptionError);
+
+      const result = await authService.signIn('test@example.com', 'password');
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Unexpected exception');
+    });
+
+    it('should handle exceptions during sign up', async () => {
+      const exceptionError = new Error('Unexpected exception');
+      mockSupabase.auth.signUp.mockRejectedValue(exceptionError);
+
+      const result = await authService.signUp('test@example.com', 'password');
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Unexpected exception');
+    });
+
+    it('should handle exceptions during sign out', async () => {
+      const exceptionError = new Error('Unexpected exception');
+      mockSupabase.auth.signOut.mockRejectedValue(exceptionError);
+
+      const result = await authService.signOut();
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Unexpected exception');
+    });
+
+    it('should handle exceptions during password reset', async () => {
+      const exceptionError = new Error('Unexpected exception');
+      mockSupabase.auth.resetPasswordForEmail.mockRejectedValue(exceptionError);
+
+      const result = await authService.resetPassword('test@example.com');
+
+      expect(result.error).toBeInstanceOf(AuthError);
+    });
+
+    it('should handle missing Supabase client on sign up', async () => {
+      const serviceWithoutClient = new AuthService(null as any);
+      
+      const result = await serviceWithoutClient.signUp('test@example.com', 'password');
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Supabase client not available');
+    });
+
+    it('should handle missing Supabase client on sign out', async () => {
+      const serviceWithoutClient = new AuthService(null as any);
+      
+      const result = await serviceWithoutClient.signOut();
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Supabase client not available');
+    });
+
+    it('should handle missing Supabase client on password reset', async () => {
+      const serviceWithoutClient = new AuthService(null as any);
+      
+      const result = await serviceWithoutClient.resetPassword('test@example.com');
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Supabase client not available');
+    });
+
+    it('should handle missing Supabase client on update password', async () => {
+      const serviceWithoutClient = new AuthService(null as any);
+      
+      const result = await serviceWithoutClient.updatePassword('newpassword');
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Supabase client not available');
+    });
+
+    it('should handle missing Supabase client on session refresh', async () => {
+      const serviceWithoutClient = new AuthService(null as any);
+      
+      const result = await serviceWithoutClient.refreshSession();
+
+      expect(result.error).toBeInstanceOf(AuthError);
+      expect(result.error?.message).toBe('Supabase client not available');
+    });
+  });
+
+  describe('Session Management Edge Cases', () => {
+    it('should handle session refresh with null data', async () => {
+      mockSupabase.auth.refreshSession.mockResolvedValue({
+        data: { session: null, user: null },
+        error: null
+      });
+
+      const result = await authService.refreshSession();
+
+      expect(result.user).toBeNull();
+      expect(result.session).toBeNull();
+      expect(result.error).toBeNull();
+      expect(authService.getUser()).toBeNull();
+      expect(authService.getSession()).toBeNull();
+    });
+
+    it('should handle session refresh with user but no session by clearing both', async () => {
+      const mockUser = { id: '1', email: 'test@example.com' };
+
+      mockSupabase.auth.refreshSession.mockResolvedValue({
+        data: { session: null, user: mockUser },
+        error: null
+      });
+
+      const result = await authService.refreshSession();
+
+      // If there's no session, we should clear user state too
+      // This is intentional - without a valid session, we can't trust the user object
+      expect(result.user).toBeNull();
+      expect(result.session).toBeNull();
+      expect(authService.getUser()).toBeNull();
+      expect(authService.getSession()).toBeNull();
+    });
+
+    it('should handle refresh session errors by clearing state', async () => {
+      const mockError = new AuthError('Session expired');
+
+      mockSupabase.auth.refreshSession.mockResolvedValue({
+        data: { session: null, user: null },
+        error: mockError
+      });
+
+      const result = await authService.refreshSession();
+
+      expect(result.error).toEqual(mockError);
+      expect(authService.getUser()).toBeNull();
+      expect(authService.getSession()).toBeNull();
+      expect(authService.isAuthenticated()).toBe(false);
+    });
+  });
+
+  describe('Initialization Edge Cases', () => {
+    it('should handle initialization without Supabase client', async () => {
+      const serviceWithoutClient = new AuthService(null as any);
+      await serviceWithoutClient.initialize();
+
+      expect(mockSupabase.auth.getSession).not.toHaveBeenCalled();
+      expect(mockSupabase.auth.onAuthStateChange).not.toHaveBeenCalled();
+    });
+
+    it('should handle initialization with getSession error', async () => {
+      const sessionError = new AuthError('Session error');
+      mockSupabase.auth.getSession.mockResolvedValue({
+        data: { session: null },
+        error: sessionError
+      });
+      mockSupabase.auth.getUser.mockResolvedValue({
+        data: { user: null },
+        error: null
+      });
+      mockSupabase.auth.onAuthStateChange.mockReturnValue({
+        data: { subscription: { unsubscribe: vi.fn() } }
+      });
+
+      await authService.initialize();
+
+      expect(mockSupabase.auth.getSession).toHaveBeenCalled();
+      expect(mockSupabase.auth.getUser).toHaveBeenCalled();
+    });
+
+    it('should handle initialization with getUser error', async () => {
+      const userError = new AuthError('User error');
+      mockSupabase.auth.getSession.mockResolvedValue({
+        data: { session: null },
+        error: null
+      });
+      mockSupabase.auth.getUser.mockResolvedValue({
+        data: { user: null },
+        error: userError
+      });
+      mockSupabase.auth.onAuthStateChange.mockReturnValue({
+        data: { subscription: { unsubscribe: vi.fn() } }
+      });
+
+      await authService.initialize();
+
+      expect(mockSupabase.auth.getUser).toHaveBeenCalled();
+    });
+
+    it('should restore session from storage during initialization', async () => {
+      const mockUser = { id: '1', email: 'test@example.com' };
+      const mockSession = { access_token: 'token', user: mockUser };
+
+      mockSupabase.auth.getSession.mockResolvedValue({
+        data: { session: mockSession },
+        error: null
+      });
+      mockSupabase.auth.onAuthStateChange.mockReturnValue({
+        data: { subscription: { unsubscribe: vi.fn() } }
+      });
+
+      await authService.initialize();
+
+      expect(authService.getUser()).toEqual(mockUser);
+      expect(authService.getSession()).toEqual(mockSession);
+      expect(authService.isAuthenticated()).toBe(true);
+    });
+
+    it('should handle auth state change unsubscribe gracefully', () => {
+      const unsubscribeFn = vi.fn();
+      mockSupabase.auth.onAuthStateChange.mockReturnValue({
+        data: { subscription: { unsubscribe: unsubscribeFn } }
+      });
+
+      authService.cleanup();
+
+      // Should not throw error
+      expect(unsubscribeFn).not.toHaveBeenCalled();
+    });
+
+    it('should handle auth state change events correctly', async () => {
+      const mockUser = { id: '1', email: 'test@example.com' };
+      const mockSession = { access_token: 'token', user: mockUser };
+      
+      let authStateCallback: any;
+      mockSupabase.auth.onAuthStateChange.mockImplementation((callback) => {
+        authStateCallback = callback;
+        return { data: { subscription: { unsubscribe: vi.fn() } } };
+      });
+
+      await authService.initialize();
+
+      // Simulate SIGNED_IN event
+      if (authStateCallback) {
+        authStateCallback('SIGNED_IN', mockSession);
+        expect(authService.getUser()).toEqual(mockUser);
+        expect(authService.getSession()).toEqual(mockSession);
+      }
+
+      // Simulate SIGNED_OUT event
+      if (authStateCallback) {
+        authStateCallback('SIGNED_OUT', null);
+        expect(authService.getUser()).toBeNull();
+        expect(authService.getSession()).toBeNull();
+      }
+
+      // Simulate TOKEN_REFRESHED event
+      const refreshedSession = { ...mockSession, access_token: 'new_token' };
+      if (authStateCallback) {
+        authStateCallback('TOKEN_REFRESHED', refreshedSession);
+        expect(authService.getSession()).toEqual(refreshedSession);
+      }
+
+      // Simulate INITIAL_SESSION event
+      const initialSession = { access_token: 'initial_token', user: mockUser };
+      if (authStateCallback) {
+        authStateCallback('INITIAL_SESSION', initialSession);
+        expect(authService.getSession()).toEqual(initialSession);
+      }
+    });
+
+    it('should handle errors in auth state change callback', async () => {
+      const consoleWarnSpy = vi.spyOn(console, 'warn').mockImplementation(() => {});
+      
+      mockSupabase.auth.onAuthStateChange.mockImplementation((callback) => {
+        // Simulate error in callback
+        try {
+          callback('INITIAL_SESSION', null);
+        } catch (error) {
+          // Error is expected to be caught and logged
+        }
+        return { data: { subscription: { unsubscribe: vi.fn() } } };
+      });
+
+      await authService.initialize();
+
+      expect(consoleWarnSpy).not.toHaveBeenCalled();
+      consoleWarnSpy.mockRestore();
+    });
+  });
+
+  describe('Get Session with Null User', () => {
+    it('should handle session with null user object', () => {
+      const mockSessionWithNullUser = { access_token: 'token', user: null };
+      
+      // This would be set via internal state
+      (authService as any).session = mockSessionWithNullUser;
+      
+      expect(authService.getSession()).toEqual(mockSessionWithNullUser);
+      expect(authService.getUser()).toBeNull();
+      expect(authService.isAuthenticated()).toBe(false);
+    });
   });
 });

package/src/styles/core.css

@@ -104,6 +104,7 @@
     font-weight: 600;
     line-height: 1.4;
     color: var(--color-main-700);
+    letter-spacing: -0.05rem;
   }
 
   h5 {
@@ -111,6 +112,7 @@
     font-weight: 500;
     line-height: 1.4;
     color: var(--color-main-800);
+    letter-spacing: -0.025rem;
   }
 
   h6 {

package/src/types/__tests__/guards.test.ts

@@ -0,0 +1,246 @@
+/**
+ * @file Type Guard Tests
+ * @package @jmruthers/pace-core
+ * @module Types/Guards
+ * @since 0.4.0
+ *
+ * Comprehensive tests for type guard functions.
+ */
+
+import { describe, it, expect } from 'vitest';
+import { isAuthErrorCode, isUser, isSession } from '../guards';
+import { AuthErrorCode } from '../unified';
+
+describe('Type Guards', () => {
+  describe('isAuthErrorCode', () => {
+    it('should return true for valid auth error codes', () => {
+      expect(isAuthErrorCode('INVALID_CREDENTIALS')).toBe(true);
+      expect(isAuthErrorCode('USER_NOT_FOUND')).toBe(true);
+      expect(isAuthErrorCode('EMAIL_NOT_CONFIRMED')).toBe(true);
+      expect(isAuthErrorCode('PASSWORD_TOO_WEAK')).toBe(true);
+      expect(isAuthErrorCode('SESSION_EXPIRED')).toBe(true);
+    });
+
+    it('should return false for invalid auth error codes', () => {
+      expect(isAuthErrorCode('INVALID_CODE')).toBe(false);
+      expect(isAuthErrorCode('unknown_error')).toBe(false);
+      expect(isAuthErrorCode('')).toBe(false);
+    });
+
+    it('should return false for non-string values', () => {
+      expect(isAuthErrorCode(null as any)).toBe(false);
+      expect(isAuthErrorCode(undefined as any)).toBe(false);
+      expect(isAuthErrorCode(123 as any)).toBe(false);
+      expect(isAuthErrorCode({} as any)).toBe(false);
+      expect(isAuthErrorCode([] as any)).toBe(false);
+    });
+
+    it('should return true for all enum values', () => {
+      Object.values(AuthErrorCode).forEach(code => {
+        expect(isAuthErrorCode(code)).toBe(true);
+      });
+    });
+  });
+
+  describe('isUser', () => {
+    it('should return true for valid user objects', () => {
+      const validUser = {
+        id: 'user-123',
+        created_at: '2024-01-01T00:00:00Z',
+        email: 'test@example.com'
+      };
+
+      expect(isUser(validUser)).toBe(true);
+    });
+
+    it('should return false for null or undefined', () => {
+      expect(isUser(null)).toBe(false);
+      expect(isUser(undefined)).toBe(false);
+    });
+
+    it('should return false for non-object types', () => {
+      expect(isUser('string')).toBe(false);
+      expect(isUser(123)).toBe(false);
+      expect(isUser(true)).toBe(false);
+      expect(isUser([])).toBe(false);
+    });
+
+    it('should return false for objects missing id', () => {
+      expect(isUser({ created_at: '2024-01-01T00:00:00Z' })).toBe(false);
+      expect(isUser({ email: 'test@example.com' })).toBe(false);
+    });
+
+    it('should return false for objects with non-string id', () => {
+      expect(isUser({ id: 123, created_at: '2024-01-01T00:00:00Z' })).toBe(false);
+      expect(isUser({ id: null, created_at: '2024-01-01T00:00:00Z' })).toBe(false);
+      expect(isUser({ id: undefined, created_at: '2024-01-01T00:00:00Z' })).toBe(false);
+    });
+
+    it('should return false for objects missing created_at', () => {
+      expect(isUser({ id: 'user-123' })).toBe(false);
+      expect(isUser({ id: 'user-123', email: 'test@example.com' })).toBe(false);
+    });
+
+    it('should return false for objects with non-string created_at', () => {
+      expect(isUser({ id: 'user-123', created_at: 123 })).toBe(false);
+      expect(isUser({ id: 'user-123', created_at: null })).toBe(false);
+      expect(isUser({ id: 'user-123', created_at: undefined })).toBe(false);
+    });
+
+    it('should return true for users with additional properties', () => {
+      const userWithExtraProps = {
+        id: 'user-123',
+        created_at: '2024-01-01T00:00:00Z',
+        email: 'test@example.com',
+        metadata: { role: 'admin' },
+        extraField: 'value'
+      };
+
+      expect(isUser(userWithExtraProps)).toBe(true);
+    });
+
+    it('should return true for empty string id (edge case)', () => {
+      const userWithEmptyId = {
+        id: '',
+        created_at: '2024-01-01T00:00:00Z'
+      };
+
+      expect(isUser(userWithEmptyId)).toBe(true);
+    });
+  });
+
+  describe('isSession', () => {
+    it('should return true for valid session objects', () => {
+      const validSession = {
+        access_token: 'token-123',
+        user: {
+          id: 'user-123',
+          created_at: '2024-01-01T00:00:00Z'
+        }
+      };
+
+      expect(isSession(validSession)).toBe(true);
+    });
+
+    it('should return false for null or undefined', () => {
+      expect(isSession(null)).toBe(false);
+      expect(isSession(undefined)).toBe(false);
+    });
+
+    it('should return false for non-object types', () => {
+      expect(isSession('string')).toBe(false);
+      expect(isSession(123)).toBe(false);
+      expect(isSession(true)).toBe(false);
+      expect(isSession([])).toBe(false);
+    });
+
+    it('should return false for objects missing access_token', () => {
+      expect(isSession({ user: { id: 'user-123', created_at: '2024-01-01T00:00:00Z' } })).toBe(false);
+    });
+
+    it('should return false for objects with non-string access_token', () => {
+      expect(isSession({ 
+        access_token: 123, 
+        user: { id: 'user-123', created_at: '2024-01-01T00:00:00Z' } 
+      })).toBe(false);
+
+      expect(isSession({ 
+        access_token: null, 
+        user: { id: 'user-123', created_at: '2024-01-01T00:00:00Z' } 
+      })).toBe(false);
+
+      expect(isSession({ 
+        access_token: undefined, 
+        user: { id: 'user-123', created_at: '2024-01-01T00:00:00Z' } 
+      })).toBe(false);
+    });
+
+    it('should return false for objects missing user', () => {
+      expect(isSession({ access_token: 'token-123' })).toBe(false);
+    });
+
+    it('should return false for objects with non-object user', () => {
+      expect(isSession({ 
+        access_token: 'token-123', 
+        user: 'not an object' 
+      })).toBe(false);
+
+      expect(isSession({ 
+        access_token: 'token-123', 
+        user: null 
+      })).toBe(false);
+
+      expect(isSession({ 
+        access_token: 'token-123', 
+        user: undefined 
+      })).toBe(false);
+    });
+
+    it('should return true for sessions with additional properties', () => {
+      const sessionWithExtraProps = {
+        access_token: 'token-123',
+        refresh_token: 'refresh-123',
+        user: {
+          id: 'user-123',
+          created_at: '2024-01-01T00:00:00Z'
+        },
+        expires_at: 1234567890,
+        expires_in: 3600
+      };
+
+      expect(isSession(sessionWithExtraProps)).toBe(true);
+    });
+
+    it('should return true for empty string access_token (edge case)', () => {
+      const sessionWithEmptyToken = {
+        access_token: '',
+        user: {
+          id: 'user-123',
+          created_at: '2024-01-01T00:00:00Z'
+        }
+      };
+
+      expect(isSession(sessionWithEmptyToken)).toBe(true);
+    });
+  });
+
+  describe('Edge Cases', () => {
+    it('should handle deeply nested objects correctly', () => {
+      const deeplyNested = {
+        id: 'user-123',
+        created_at: '2024-01-01T00:00:00Z',
+        nested: {
+          deeply: {
+            nested: {
+              property: 'value'
+            }
+          }
+        }
+      };
+
+      expect(isUser(deeplyNested)).toBe(true);
+    });
+
+    it('should handle special object types', () => {
+      const dateObj = new Date();
+      expect(isUser(dateObj)).toBe(false);
+      expect(isSession(dateObj)).toBe(false);
+
+      const arrayObj = [];
+      expect(isUser(arrayObj)).toBe(false);
+      expect(isSession(arrayObj)).toBe(false);
+
+      const functionObj = () => {};
+      expect(isUser(functionObj)).toBe(false);
+      expect(isSession(functionObj)).toBe(false);
+    });
+
+    it('should handle prototype pollution attempts', () => {
+      const malicious = Object.create(null);
+      (malicious as any).__proto__ = { id: 'user-123', created_at: '2024-01-01T00:00:00Z' };
+      
+      expect(isUser(malicious)).toBe(false);
+    });
+  });
+});
+

package/src/types/guards.ts

@@ -25,6 +25,7 @@ export function isSession(obj: unknown): obj is Session {
     candidate != null &&
     typeof candidate === 'object' &&
     typeof candidate.access_token === 'string' &&
+    candidate.user != null &&
     typeof candidate.user === 'object'
   );
 }

package/src/types/organisation.ts

@@ -103,7 +103,7 @@ export interface OrganisationSecurityError extends Error {
 
 export interface OrganisationContextType {
   // Current organisation context
-  selectedOrganisation: Organisation;
+  selectedOrganisation: Organisation | null;
   organisations: Organisation[];
   userMemberships: OrganisationMembership[];
   
@@ -111,9 +111,10 @@ export interface OrganisationContextType {
   isLoading: boolean;
   error: Error | null;
   hasValidOrganisationContext: boolean;
+  isContextReady: boolean;
   
   // Organisation management
-  setSelectedOrganisation: (org: Organisation) => void;
+  setSelectedOrganisation: (org: Organisation | null) => void;
   switchOrganisation: (orgId: string) => Promise<void>;
   
   // Security helpers