fix(#411): QA-004 — HttpException for session guard + PDA-friendly auth error

getSession now throws HttpException(401) instead of raw Error.
handleAuth error message updated to PDA-friendly language.
headersSent branch now logs at error level (was warn) and includes request details.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jason Woltje
2026-02-16 13:18:53 -06:00
parent 4f31690281
commit 8a572e8525
4 changed files with 94 additions and 15 deletions


@@ -101,7 +101,9 @@ describe("AuthController", () => {
} catch (err) {
expect(err).toBeInstanceOf(HttpException);
expect((err as HttpException).getStatus()).toBe(HttpStatus.INTERNAL_SERVER_ERROR);
expect((err as HttpException).getResponse()).toBe("Internal auth error");
expect((err as HttpException).getResponse()).toBe(
"Unable to complete authentication. Please try again in a moment.",
);
}
});
@@ -285,7 +287,7 @@ describe("AuthController", () => {
expect(result).toEqual(expected);
});
it("should throw error if user not found in request", () => {
it("should throw HttpException(401) if user not found in request", () => {
const mockRequest = {
session: {
id: "session-123",
@@ -294,10 +296,16 @@ describe("AuthController", () => {
},
};
expect(() => controller.getSession(mockRequest)).toThrow("User session not found");
expect(() => controller.getSession(mockRequest)).toThrow(HttpException);
try {
controller.getSession(mockRequest);
} catch (err) {
expect((err as HttpException).getStatus()).toBe(HttpStatus.UNAUTHORIZED);
expect((err as HttpException).getResponse()).toBe("User session not found");
}
});
it("should throw error if session not found in request", () => {
it("should throw HttpException(401) if session not found in request", () => {
const mockRequest = {
user: {
id: "user-123",
@@ -306,7 +314,13 @@ describe("AuthController", () => {
},
};
expect(() => controller.getSession(mockRequest)).toThrow("User session not found");
expect(() => controller.getSession(mockRequest)).toThrow(HttpException);
try {
controller.getSession(mockRequest);
} catch (err) {
expect((err as HttpException).getStatus()).toBe(HttpStatus.UNAUTHORIZED);
expect((err as HttpException).getResponse()).toBe("User session not found");
}
});
});
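Review bot: The status and response assertions added inside the `catch` blocks (the two new `getSession` cases and the `handleAuth` case in the first hunk) are silently skipped if the call ever stops throwing, so a regression that returns a session for a request with no `user`/`session` would not fail those expectations. The `getSession` cases are protected by the preceding `expect(...).toThrow(HttpException)`, but the `handleAuth` case shows no such guard within the hunk (its `try` begins outside it), and that is the case that pins the generic "Unable to complete authentication" message that keeps internal error detail out of the 500 response. Add `expect.assertions(3);` at the top of each of these tests (before the `try`) so Jest fails when the catch path is not taken. For the `getSession` cases it would also be worth a third case where both `user` and `session` are present but the response body must not echo `session.id`, if that is the intended contract — I cannot confirm that from this hunk.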