refactor(#411): QA-011 — unify request-with-user types into AuthenticatedRequest

Replace 4 redundant request interfaces (RequestWithSession, AuthRequest, BetterAuthRequest, RequestWithUser) with AuthenticatedRequest and MaybeAuthenticatedRequest in apps/api/src/auth/types/. - AuthenticatedRequest: extends Express Request with non-optional user/session (used in controllers behind AuthGuard) - MaybeAuthenticatedRequest: extends Express Request with optional user/session (used in AuthGuard and CurrentUser decorator before auth is confirmed) - Removed dead-code null checks in getSession (AuthGuard guarantees presence) - Fixed cookies type safety in AuthGuard (cast from any to Record) - Updated test expectations to match new type contract Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 14:00:14 -06:00
parent df495c67b5
commit 0a2eaaa5e4
5 changed files with 44 additions and 91 deletions
--- a/apps/api/src/auth/auth.controller.spec.ts
+++ b/apps/api/src/auth/auth.controller.spec.ts
@@ -287,41 +287,9 @@ describe("AuthController", () => {
      expect(result).toEqual(expected);
    });

-    it("should throw HttpException(401) if user not found in request", () => {
-      const mockRequest = {
-        session: {
-          id: "session-123",
-          token: "session-token",
-          expiresAt: new Date(),
-        },
-      };
-
-      expect(() => controller.getSession(mockRequest)).toThrow(HttpException);
-      try {
-        controller.getSession(mockRequest);
-      } catch (err) {
-        expect((err as HttpException).getStatus()).toBe(HttpStatus.UNAUTHORIZED);
-        expect((err as HttpException).getResponse()).toBe("User session not found");
-      }
-    });
-
-    it("should throw HttpException(401) if session not found in request", () => {
-      const mockRequest = {
-        user: {
-          id: "user-123",
-          email: "test@example.com",
-          name: "Test User",
-        },
-      };
-
-      expect(() => controller.getSession(mockRequest)).toThrow(HttpException);
-      try {
-        controller.getSession(mockRequest);
-      } catch (err) {
-        expect((err as HttpException).getStatus()).toBe(HttpStatus.UNAUTHORIZED);
-        expect((err as HttpException).getResponse()).toBe("User session not found");
-      }
-    });
+    // Note: Tests for missing user/session were removed because
+    // AuthenticatedRequest guarantees both are present (enforced by AuthGuard).
+    // NestJS returns 401 before getSession is reached if the guard rejects.
  });

  describe("getProfile", () => {