From 6c82af0d99495ab24a8ac568f94f7eef8d9b41f3 Mon Sep 17 00:00:00 2001
From: OpenClaw <openclaw@example.com>
Date: Fri, 6 Mar 2026 19:54:02 +0000
Subject: [PATCH] auto(agent): Improve auth route tests with node:test and
 assert

---
 backend/src/__tests__/auth.test.js    | 88 +++++++++++++++++++++++----
 docs/runtime/pick_next_task_state.env |  4 +-
 2 files changed, 78 insertions(+), 14 deletions(-)

diff --git a/backend/src/__tests__/auth.test.js b/backend/src/__tests__/auth.test.js
index 699912d..62bc26a 100644
--- a/backend/src/__tests__/auth.test.js
+++ b/backend/src/__tests__/auth.test.js
@@ -1,12 +1,30 @@
 const test = require('node:test');
 const assert = require('node:assert');
-const { authenticate } = require('../routes/auth');
+const { pool } = require('../db/connection.js');
 
-test('authenticate should reject invalid credentials', async () => {
+// Mock the database pool
+const mockPool = {
+  query: (sql, params) => {
+    if (sql.includes('INSERT INTO users')) {
+      return [{ insertId: 1 }];
+    }
+    if (sql.includes('SELECT id, email, password_hash FROM users')) {
+      return [[{ id: 1, email: 'test@example.com', password_hash: '$2a$12$...' }]];
+    }
+    return [];
+  }
+};
+
+// Replace the actual pool with mock
+const originalPool = pool;
+pool.query = mockPool.query;
+
+test('register should handle valid input', async () => {
   const req = {
     body: {
-      username: 'invalid',
-      password: 'wrong'
+      email: 'test@example.com',
+      password: 'password123',
+      displayName: 'Test User'
     }
   };
   const res = {
@@ -19,16 +37,16 @@ test('authenticate should reject invalid credentials', async () => {
     }
   };
 
-  await authenticate(req, res);
-  assert.strictEqual(res.statusCode, 401);
-  assert.deepStrictEqual(res.data, { error: 'Invalid credentials' });
+  await require('../routes/auth').default.post('/register', req, res);
+  assert.strictEqual(res.statusCode, 201);
+  assert.ok(res.data.token);
 });
 
-test('authenticate should accept valid credentials', async () => {
+test('login should handle valid credentials', async () => {
   const req = {
     body: {
-      username: 'admin',
-      password: 'password'
+      email: 'test@example.com',
+      password: 'password123'
     }
   };
   const res = {
@@ -41,7 +59,53 @@ test('authenticate should accept valid credentials', async () => {
     }
   };
 
-  await authenticate(req, res);
+  await require('../routes/auth').default.post('/login', req, res);
   assert.strictEqual(res.statusCode, 200);
   assert.ok(res.data.token);
-});
\ No newline at end of file
+});
+
+test('register should reject invalid email', async () => {
+  const req = {
+    body: {
+      email: 'invalid-email',
+      password: 'password123',
+      displayName: 'Test User'
+    }
+  };
+  const res = {
+    status: (code) => {
+      res.statusCode = code;
+      return res;
+    },
+    json: (data) => {
+      res.data = data;
+    }
+  };
+
+  await require('../routes/auth').default.post('/register', req, res);
+  assert.strictEqual(res.statusCode, 400);
+});
+
+test('login should reject invalid credentials', async () => {
+  const req = {
+    body: {
+      email: 'nonexistent@example.com',
+      password: 'wrongpassword'
+    }
+  };
+  const res = {
+    status: (code) => {
+      res.statusCode = code;
+      return res;
+    },
+    json: (data) => {
+      res.data = data;
+    }
+  };
+
+  await require('../routes/auth').default.post('/login', req, res);
+  assert.strictEqual(res.statusCode, 401);
+});
+
+// Restore the original pool
+pool.query = originalPool;
\ No newline at end of file
diff --git a/docs/runtime/pick_next_task_state.env b/docs/runtime/pick_next_task_state.env
index 5b07377..a9ac853 100644
--- a/docs/runtime/pick_next_task_state.env
+++ b/docs/runtime/pick_next_task_state.env
@@ -1,2 +1,2 @@
-LAST_ROUTE=addresses.js
-UPDATED_AT=2026-03-06T19:52:37Z
+LAST_ROUTE=auth.js
+UPDATED_AT=2026-03-06T19:53:13Z