test: add over-broad route guard test and address Greptile review

lempkey
2026-04-06 16:28:42 +01:00
parent a8638619e5
commit fc8e1d1153
@@ -38,6 +38,15 @@ describe("Express 5 /api/auth wildcard route", () => {
expect(res.status).toBe(200);
});
it("does not match unrelated paths outside /api/auth", async () => {
// Confirm the route is not over-broad — requests to other API paths
// must fall through to 404 and not reach the better-auth handler.
const { app, handler } = buildApp();
const res = await request(app).get("/api/other/endpoint");
expect(res.status).toBe(404);
expect(handler).not.toHaveBeenCalled();
});
it("invokes the handler for every matched sub-path", async () => {
const { app, handler } = buildApp();
await request(app).post("/api/auth/sign-out");
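Review bot: The negative case in "does not match unrelated paths outside /api/auth" only requests `/api/other/endpoint`, a path under a completely different prefix, so it would still pass if the route matched loosely on the string `/api/auth` and also caught near-miss siblings. The route registration is not visible in this hunk, so this is a gap in the test rather than a confirmed defect. To pin the segment boundary, add a sibling-prefix request to the same block, for example (constructed sample path) `const near = await request(app).get("/api/authx/session");` followed by `expect(near.status).toBe(404);`, placed before the existing `expect(handler).not.toHaveBeenCalled();` so that assertion covers both requests. The trailing `it("invokes the handler for every matched sub-path", ...)` block continues outside the hunk.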