scarver2 / ehr-portal / 23325920384 / 1
77%
main: 77%

DEFAULT BRANCH: main
Ran
Files 21
Run time 0s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 61.022% (-38.2%) from 99.248%
23325920384.1

push

github

web-flow 
fix: production login and enable logout tests (#20)

* feat: add devise-jwt for stateless JWT authentication on Rails API

- Add devise-jwt gem; configure dispatch on POST /api/v1/auth/login
  and revocation on DELETE /api/v1/auth/logout (Null strategy, 1-day expiry)
- Add Api::V1::Auth::SessionsController; returns user JSON body,
  JWT emitted in Authorization response header by devise-jwt middleware
- Extend CORS to include DELETE/PUT/PATCH/HEAD so logout is not blocked
- Wire jwt_authenticatable into User model
- Pass current_user through GraphQL context

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* test: add request specs for JWT session endpoints

Covers POST /api/v1/auth/login (valid creds, wrong password, unknown email)
and DELETE /api/v1/auth/logout (with token, without token).
Asserts Authorization header presence/absence and JSON response body.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: add RBS signatures for devise-jwt auth layer

- Extend devise shim with JwtAuthenticatable module,
  JWT::RevocationStrategies::Null, and Devise::SessionsController stub
- Add JwtAuthenticatable include to User RBS
- New sig for Api::V1::Auth::SessionsController

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat: add JWT authentication to Next.js portal

- AuthUser/AuthState/LoginResponse types in src/types/auth.ts
- AuthProvider context with localStorage hydration; useAuth hook
- login() reads JWT from Authorization response header, persists to
  localStorage + cookie for middleware; logout() calls DELETE endpoint
- apiFetch() attaches Bearer token from auth_token localStorage key
- Next.js middleware guards /dashboard and /profile server-side via cookie
- Protected component handles client-side redirect on token loss
- LogoutButton clears state and redirects to /login
- Login, dashboard, and profile pages wired to auth context
- Layout wraps app in AuthProvider

Co-Authored-By: Claude Sonnet 4.6 <nor... (continued)

75 of 115 branches covered (65.22%)

Branch coverage included in aggregate %.

116 of 198 relevant lines covered (58.59%)

5.5 hits per line

Source Files on job 23325920384.1