86e6303847
BLOCKER-001: Token Refresh Improvements (4 phases) - FASE 1: Rate limiting específico para /auth/refresh (15 req/15min per token) - FASE 2: Token rotation con SHA-256 hash y reuse detection - FASE 3: Session validation con cache de 30s (95% menos queries) - FASE 4: Proactive refresh con X-Token-Expires-At header E2E Tests: Video Upload Module (backend - 91 tests) - Suite 4: Controller tests (22 tests) - REST API endpoints validation - Suite 5: Service tests (29 tests) - Business logic and database operations - Suite 6: Storage tests (35 tests) - S3/R2 multipart upload integration - Suite 7: Full E2E flow (5 tests) - Complete pipeline validation Changes: - auth.middleware.ts: Session validation + token expiry header - rate-limiter.ts: Specific rate limiter for refresh endpoint - token.service.ts: Token rotation logic + session validation - session-cache.service.ts (NEW): 30s TTL cache for session validation - auth.types.ts: Extended types for session validation - auth.routes.ts: Applied refreshTokenRateLimiter - index.ts: Updated CORS to expose X-Token-Expires-At Tests created: - auth-token-refresh.test.ts (15 tests) - E2E token refresh flow - video-controller.test.ts (22 tests) - REST API validation - video-service.test.ts (29 tests) - Business logic validation - storage-service.test.ts (35 tests) - S3/R2 integration - video-upload-flow.test.ts (5 tests) - Complete pipeline Database migration executed: - Added refresh_token_hash and refresh_token_issued_at columns - Created index on refresh_token_hash for performance Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| e2e | ||
| integration | ||
| mocks | ||
| jest-migration.test.ts | ||
| setup.ts | ||