fix(avatar): sincroniza avatar apos atualizar

- Propaga Set-Cookie do Better Auth no endpoint de avatar\n- Forca refresh da sessao apos upload/remocao\n- Adiciona teste de propagacao e defaults de env para testes
2025-12-17 10:38:07 -03:00 · 2025-12-17 10:38:07 -03:00 · 8546a1feb1
commit 8546a1feb1
parent 74c06ffa33
6 changed files with 84 additions and 4 deletions
--- a/tests/profile-avatar-cookie-propagation.test.ts
+++ b/tests/profile-avatar-cookie-propagation.test.ts
@ -0,0 +1,72 @@
+import { beforeEach, describe, expect, it, vi } from "vitest"
+
+import { DELETE } from "@/app/api/profile/avatar/route"
+import { getServerSession } from "@/lib/auth-server"
+import { auth } from "@/lib/auth"
+import { prisma } from "@/lib/prisma"
+
+vi.mock("@/lib/auth-server", () => ({
+  getServerSession: vi.fn(),
+}))
+
+vi.mock("@/server/convex-client", () => ({
+  createConvexClient: vi.fn(() => ({ mutation: vi.fn() })),
+}))
+
+vi.mock("@/lib/prisma", () => ({
+  prisma: {
+    authUser: { update: vi.fn() },
+  },
+}))
+
+vi.mock("@/lib/auth", () => ({
+  auth: {
+    api: {
+      updateUser: vi.fn(),
+    },
+  },
+}))
+
+describe("DELETE /api/profile/avatar", () => {
+  beforeEach(() => {
+    vi.resetAllMocks()
+    vi.mocked(getServerSession).mockResolvedValue({
+      session: { id: "sess-1", expiresAt: Date.now() + 60_000 },
+      user: {
+        id: "user-1",
+        name: "Agente",
+        email: "agent@example.com",
+        role: "agent",
+        tenantId: null,
+        avatarUrl: "https://cdn.example.com/avatar.png",
+        machinePersona: null,
+      },
+    })
+  })
+
+  it("propaga Set-Cookie retornado pelo Better Auth (cookieCache)", async () => {
+    const upstreamHeaders = new Headers()
+    upstreamHeaders.append("set-cookie", "better-auth.session_data=abc; Path=/; HttpOnly")
+    upstreamHeaders.append("set-cookie", "better-auth.session_token=def; Path=/; HttpOnly")
+
+    vi.mocked(auth.api.updateUser).mockResolvedValue(
+      new Response(JSON.stringify({ status: true }), { status: 200, headers: upstreamHeaders })
+    )
+
+    const req = new Request("http://localhost/api/profile/avatar", { method: "DELETE" })
+    const res = await DELETE(req)
+
+    expect(res.status).toBe(200)
+
+    const headersAny = res.headers as Headers & { getSetCookie?: () => string[] | undefined }
+    const setCookies =
+      typeof headersAny.getSetCookie === "function"
+        ? headersAny.getSetCookie() ?? []
+        : [res.headers.get("set-cookie")].filter(Boolean)
+
+    expect(setCookies.join("\n")).toContain("better-auth.session_data=abc")
+    expect(setCookies.join("\n")).toContain("better-auth.session_token=def")
+
+    expect(vi.mocked(prisma.authUser.update)).not.toHaveBeenCalled()
+  })
+})
--- a/tests/setup/bun-test-env.ts
+++ b/tests/setup/bun-test-env.ts
@ -6,6 +6,7 @@ import { JSDOM } from "jsdom"
 process.env.BETTER_AUTH_SECRET ??= "test-secret"
 process.env.NEXT_PUBLIC_APP_URL ??= "http://localhost:3000"
 process.env.BETTER_AUTH_URL ??= process.env.NEXT_PUBLIC_APP_URL
+process.env.DATABASE_URL ??= "postgresql://postgres:postgres@localhost:5432/sistema_test?schema=public"
 process.env.NODE_ENV ??= "test"

 const OriginalDate = Date