scarver2 / ehr-portal / 23325920384
77%

DEFAULT BRANCH: main
Ran
Jobs 1
Files 21
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 61.022% (-38.2%) from 99.248%
23325920384

push

github

web-flow 
fix: production login and enable logout tests (#20)

* feat: add devise-jwt for stateless JWT authentication on Rails API

- Add devise-jwt gem; configure dispatch on POST /api/v1/auth/login
  and revocation on DELETE /api/v1/auth/logout (Null strategy, 1-day expiry)
- Add Api::V1::Auth::SessionsController; returns user JSON body,
  JWT emitted in Authorization response header by devise-jwt middleware
- Extend CORS to include DELETE/PUT/PATCH/HEAD so logout is not blocked
- Wire jwt_authenticatable into User model
- Pass current_user through GraphQL context

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* test: add request specs for JWT session endpoints

Covers POST /api/v1/auth/login (valid creds, wrong password, unknown email)
and DELETE /api/v1/auth/logout (with token, without token).
Asserts Authorization header presence/absence and JSON response body.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: add RBS signatures for devise-jwt auth layer

- Extend devise shim with JwtAuthenticatable module,
  JWT::RevocationStrategies::Null, and Devise::SessionsController stub
- Add JwtAuthenticatable include to User RBS
- New sig for Api::V1::Auth::SessionsController

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat: add JWT authentication to Next.js portal

- AuthUser/AuthState/LoginResponse types in src/types/auth.ts
- AuthProvider context with localStorage hydration; useAuth hook
- login() reads JWT from Authorization response header, persists to
  localStorage + cookie for middleware; logout() calls DELETE endpoint
- apiFetch() attaches Bearer token from auth_token localStorage key
- Next.js middleware guards /dashboard and /profile server-side via cookie
- Protected component handles client-side redirect on token loss
- LogoutButton clears state and redirects to /login
- Login, dashboard, and profile pages wired to auth context
- Layout wraps app in AuthProvider

Co-Authored-By: Claude Sonnet 4.6 <nor... (continued)

75 of 115 branches covered (65.22%)

Branch coverage included in aggregate %.

41 of 123 new or added lines in 12 files covered. (33.33%)

116 of 198 relevant lines covered (58.59%)

5.5 hits per line

Uncovered Changes

Lines Coverage File
26
0.0
 apps/ehr-portal/src/context/auth-context.tsx
14
39.47
 -60.53% apps/ehr-portal/src/app/page.tsx
12
41.67
 apps/ehr-portal/src/app/login/page.tsx
8
0.0
 apps/ehr-portal/src/components/logout-button.tsx
8
0.0
 apps/ehr-portal/src/components/protected.tsx
7
0.0
 apps/ehr-portal/src/lib/auth/logout.ts
3
0.0
 apps/ehr-portal/src/app/profile/page.tsx
3
0.0
 apps/ehr-portal/src/lib/api.ts
1
86.36
 apps/ehr-portal/src/lib/auth.ts
Jobs
ID Job ID Ran Files Coverage
1 23325920384.1 21
61.02
 GitHub Action Run
Source Files on build 23325920384