fix(engine,server): safe area clamp, analytics batch, achievement save order, daily rollover, replay validation, leaderboard opt-in (#56, #60, #61, #62, #66, #68)
- #66: Clamp safe-area insets to 25% of window height with warn!() on excess - #68: Move fire_flush outside per-event loop in analytics (batch flush once) - #56: Persist progress before marking reward_granted to prevent XP loss on crash - #60: Add DateRolloverTimer + check_date_rollover system for midnight seed refresh - #62: Add validate_header() in replay upload with mode/draw_mode allowlists - #61: Restore two-query leaderboard opt-in check (SELECT then UPDATE); original queries already in .sqlx cache; EXISTS variant would require sqlx prepare Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@@ -30,13 +30,11 @@
|
||||
//! expired-on-purpose tokens for the JWT-refresh test.
|
||||
|
||||
use chrono::Utc;
|
||||
use jsonwebtoken::{encode, EncodingKey, Header};
|
||||
use solitaire_data::{
|
||||
delete_tokens, store_tokens, SolitaireServerClient, SyncError, SyncProvider,
|
||||
};
|
||||
use jsonwebtoken::{EncodingKey, Header, encode};
|
||||
use solitaire_data::{SolitaireServerClient, SyncError, SyncProvider, delete_tokens, store_tokens};
|
||||
use solitaire_sync::{PlayerProgress, StatsSnapshot, SyncPayload};
|
||||
use sqlx::sqlite::SqlitePoolOptions;
|
||||
use sqlx::SqlitePool;
|
||||
use sqlx::sqlite::SqlitePoolOptions;
|
||||
use std::sync::Once;
|
||||
use uuid::Uuid;
|
||||
|
||||
@@ -58,8 +56,8 @@ static MOCK_KEYRING_INIT: Once = Once::new();
|
||||
/// default. Safe to call from any test — only the first call has effect.
|
||||
fn ensure_mock_keyring() {
|
||||
MOCK_KEYRING_INIT.call_once(|| {
|
||||
let store = keyring_core::mock::Store::new()
|
||||
.expect("failed to construct mock keyring store");
|
||||
let store =
|
||||
keyring_core::mock::Store::new().expect("failed to construct mock keyring store");
|
||||
keyring_core::set_default_store(store);
|
||||
});
|
||||
}
|
||||
@@ -95,9 +93,7 @@ async fn spawn_test_server() -> String {
|
||||
let listener = tokio::net::TcpListener::bind("127.0.0.1:0")
|
||||
.await
|
||||
.expect("failed to bind test listener");
|
||||
let addr = listener
|
||||
.local_addr()
|
||||
.expect("listener has no local addr");
|
||||
let addr = listener.local_addr().expect("listener has no local addr");
|
||||
|
||||
let app = solitaire_server::build_test_router(fresh_pool().await);
|
||||
|
||||
@@ -119,11 +115,7 @@ async fn spawn_test_server() -> String {
|
||||
/// Register a fresh user against `base_url` and return the access + refresh
|
||||
/// tokens straight from the response body. Bypasses the keyring entirely so
|
||||
/// the caller can store the tokens under whatever username they want.
|
||||
async fn register_user_raw(
|
||||
base_url: &str,
|
||||
username: &str,
|
||||
password: &str,
|
||||
) -> (String, String) {
|
||||
async fn register_user_raw(base_url: &str, username: &str, password: &str) -> (String, String) {
|
||||
let client = reqwest::Client::new();
|
||||
let resp = client
|
||||
.post(format!("{base_url}/api/auth/register"))
|
||||
@@ -154,19 +146,15 @@ async fn register_user_raw(
|
||||
/// Decode a JWT's `sub` claim without validating expiry (so test crafted
|
||||
/// tokens still parse). Returns the user UUID as a `String`.
|
||||
fn decode_sub(token: &str) -> String {
|
||||
use jsonwebtoken::{decode, DecodingKey, Validation};
|
||||
use jsonwebtoken::{DecodingKey, Validation, decode};
|
||||
#[derive(serde::Deserialize)]
|
||||
struct Claims {
|
||||
sub: String,
|
||||
}
|
||||
let mut v = Validation::default();
|
||||
v.validate_exp = false;
|
||||
let data = decode::<Claims>(
|
||||
token,
|
||||
&DecodingKey::from_secret(TEST_SECRET.as_bytes()),
|
||||
&v,
|
||||
)
|
||||
.expect("failed to decode JWT");
|
||||
let data = decode::<Claims>(token, &DecodingKey::from_secret(TEST_SECRET.as_bytes()), &v)
|
||||
.expect("failed to decode JWT");
|
||||
data.claims.sub
|
||||
}
|
||||
|
||||
@@ -208,8 +196,7 @@ async fn register_login_push_pull_round_trip() {
|
||||
let username = "rt_alice";
|
||||
|
||||
let (access, refresh) = register_user_raw(&base, username, "alicepass1!").await;
|
||||
store_tokens(username, &access, &refresh)
|
||||
.expect("storing tokens in mock keyring must succeed");
|
||||
store_tokens(username, &access, &refresh).expect("storing tokens in mock keyring must succeed");
|
||||
|
||||
let user_id = decode_sub(&access);
|
||||
let payload = make_payload(&user_id, 42);
|
||||
@@ -257,8 +244,7 @@ async fn pull_after_concurrent_pushes_merges_correctly() {
|
||||
let username = "rt_bob";
|
||||
|
||||
let (access, refresh) = register_user_raw(&base, username, "bobpass1!").await;
|
||||
store_tokens(username, &access, &refresh)
|
||||
.expect("storing tokens in mock keyring must succeed");
|
||||
store_tokens(username, &access, &refresh).expect("storing tokens in mock keyring must succeed");
|
||||
|
||||
let user_id = decode_sub(&access);
|
||||
|
||||
@@ -269,11 +255,17 @@ async fn pull_after_concurrent_pushes_merges_correctly() {
|
||||
|
||||
// Client A: low value first.
|
||||
let payload_a = make_payload(&user_id, 5);
|
||||
client_a.push(&payload_a).await.expect("client A push must succeed");
|
||||
client_a
|
||||
.push(&payload_a)
|
||||
.await
|
||||
.expect("client A push must succeed");
|
||||
|
||||
// Client B: higher value second.
|
||||
let payload_b = make_payload(&user_id, 99);
|
||||
client_b.push(&payload_b).await.expect("client B push must succeed");
|
||||
client_b
|
||||
.push(&payload_b)
|
||||
.await
|
||||
.expect("client B push must succeed");
|
||||
|
||||
// Either client should now pull max(5, 99) = 99.
|
||||
let pulled = client_a
|
||||
@@ -330,8 +322,7 @@ async fn jwt_refresh_on_401_succeeds() {
|
||||
let username = "rt_expiring";
|
||||
|
||||
// Register to get a real, valid refresh token signed with TEST_SECRET.
|
||||
let (_real_access, real_refresh) =
|
||||
register_user_raw(&base, username, "expirepass1!").await;
|
||||
let (_real_access, real_refresh) = register_user_raw(&base, username, "expirepass1!").await;
|
||||
let user_id = decode_sub(&_real_access);
|
||||
|
||||
// Craft an expired access token signed with TEST_SECRET so the server's
|
||||
@@ -361,9 +352,10 @@ async fn jwt_refresh_on_401_succeeds() {
|
||||
|
||||
// Pull: server returns 401, client refreshes, retries, succeeds.
|
||||
let client = SolitaireServerClient::new(&base, username);
|
||||
let pulled = client.pull().await.expect(
|
||||
"pull must succeed after the client transparently refreshes the access token",
|
||||
);
|
||||
let pulled = client
|
||||
.pull()
|
||||
.await
|
||||
.expect("pull must succeed after the client transparently refreshes the access token");
|
||||
// Default merge for a never-pushed user yields games_played = 0.
|
||||
assert_eq!(
|
||||
pulled.stats.games_played, 0,
|
||||
@@ -387,8 +379,7 @@ async fn pull_after_account_deletion_returns_default_or_error() {
|
||||
let username = "rt_deleter";
|
||||
|
||||
let (access, refresh) = register_user_raw(&base, username, "deletepass1!").await;
|
||||
store_tokens(username, &access, &refresh)
|
||||
.expect("storing tokens in mock keyring must succeed");
|
||||
store_tokens(username, &access, &refresh).expect("storing tokens in mock keyring must succeed");
|
||||
|
||||
let user_id = decode_sub(&access);
|
||||
let client = SolitaireServerClient::new(&base, username);
|
||||
@@ -431,8 +422,7 @@ async fn push_retries_after_401_on_expired_access_token() {
|
||||
let base = spawn_test_server().await;
|
||||
let username = "rt_push_expiring";
|
||||
|
||||
let (_real_access, real_refresh) =
|
||||
register_user_raw(&base, username, "pushexpirepass1!").await;
|
||||
let (_real_access, real_refresh) = register_user_raw(&base, username, "pushexpirepass1!").await;
|
||||
let user_id = decode_sub(&_real_access);
|
||||
|
||||
#[derive(serde::Serialize)]
|
||||
|
||||
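Review bot: The reformatted binding `let (_real_access, real_refresh) = register_user_raw(...)` in `jwt_refresh_on_401_succeeds` (hunk at -330), and again in `push_retries_after_401_on_expired_access_token` (hunk at -431), keeps a leading underscore, which marks the access token as intentionally unused, yet the very next line reads it in `decode_sub(&_real_access)`. In tests that depend on telling the real token from the crafted expired one, that naming misleads the reader, and it is the pattern `clippy::used_underscore_binding` flags. Since the line is being touched anyway, rename it: `let (real_access, real_refresh) = register_user_raw(&base, username, "expirepass1!").await;` followed by `let user_id = decode_sub(&real_access);`. Both functions start and end outside their hunks, so any later use of the name would need the same rename.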