Add Vitest test suite for platforms, auth, limits, and generate API

Author: Aymanseif

app/api/generate/__tests__/route.test.ts

@@ -0,0 +1,245 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import { POST } from "../route";
+
+const mockPrisma = {
+  user: {
+    findUnique: vi.fn(),
+    update: vi.fn(),
+  },
+  post: {
+    create: vi.fn(),
+  },
+  $transaction: vi.fn(),
+};
+
+const mockSession = {
+  getSessionEmail: vi.fn(),
+};
+
+vi.mock("@/lib/db", () => ({
+  prisma: mockPrisma,
+}));
+
+vi.mock("@/lib/session", () => ({
+  getSessionEmail: mockSession.getSessionEmail,
+}));
+
+function createMockRequest(body: Record<string, unknown>, ip = "127.0.0.1") {
+  return {
+    headers: {
+      get: (key: string) => (key === "x-forwarded-for" ? ip : null),
+    },
+    json: () => Promise.resolve(body),
+  } as unknown as Request;
+}
+
+describe("POST /api/generate", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    process.env.OPENAI_API_KEY = "";
+  });
+
+  afterEach(() => {
+    vi.clearAllMocks();
+  });
+
+  it("returns 401 when not authenticated", async () => {
+    mockSession.getSessionEmail.mockResolvedValue(null);
+
+    const req = createMockRequest({ topic: "test" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(401);
+    expect(data.error).toBe("Unauthorized");
+  });
+
+  it("returns 404 when user not found", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("test@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue(null);
+
+    const req = createMockRequest({ topic: "test" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(404);
+    expect(data.error).toBe("User not found");
+  });
+
+  it("returns 400 when topic is empty", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("test@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "user-1",
+      email: "test@example.com",
+      plan: "starter",
+      postsUsed: 0,
+      isAdmin: false,
+      isLifetime: false,
+    });
+
+    const req = createMockRequest({ topic: "" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(400);
+    expect(data.error).toBe("Topic required");
+  });
+
+  it("returns 403 when plan limit reached", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("test@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "user-1",
+      email: "test@example.com",
+      plan: "starter",
+      postsUsed: 5,
+      isAdmin: false,
+      isLifetime: false,
+    });
+
+    const req = createMockRequest({ topic: "AI trends" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(403);
+    expect(data.error).toContain("plan limit reached");
+  });
+
+  it("bypasses limit for admin users", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("admin@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "admin-1",
+      email: "admin@example.com",
+      plan: "starter",
+      postsUsed: 100,
+      isAdmin: true,
+      isLifetime: false,
+    });
+    mockPrisma.$transaction.mockResolvedValue([
+      { postsUsed: 100 },
+      { id: "post-1" },
+    ]);
+
+    const req = createMockRequest({ topic: "Admin test post" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(200);
+    expect(data.success).toBe(true);
+  });
+
+  it("returns 403 when LinkedIn used with non-agency plan", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("test@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "user-1",
+      email: "test@example.com",
+      plan: "pro",
+      postsUsed: 0,
+      isAdmin: false,
+      isLifetime: false,
+    });
+
+    const req = createMockRequest({ topic: "Professional update", platform: "LinkedIn" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(403);
+    expect(data.error).toBe("LinkedIn requires Agency plan");
+  });
+
+  it("allows LinkedIn for agency users", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("agency@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "agency-1",
+      email: "agency@example.com",
+      plan: "agency",
+      postsUsed: 0,
+      isAdmin: false,
+      isLifetime: false,
+    });
+    mockPrisma.$transaction.mockResolvedValue([
+      { postsUsed: 1 },
+      { id: "post-1" },
+    ]);
+
+    const req = createMockRequest({ topic: "Industry insight", platform: "LinkedIn" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(200);
+    expect(data.success).toBe(true);
+  });
+
+  it("normalizes platform from lowercase to proper case", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("test@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "user-1",
+      email: "test@example.com",
+      plan: "pro",
+      postsUsed: 0,
+      isAdmin: false,
+      isLifetime: false,
+    });
+    mockPrisma.$transaction.mockResolvedValue([
+      { postsUsed: 1 },
+      { id: "post-1" },
+    ]);
+
+    const req = createMockRequest({ topic: "Test post", platform: "instagram" });
+    const res = await POST(req);
+    const data = await res.json();
+
+    expect(res.status).toBe(200);
+    expect(data.platform).toBe("Instagram");
+  });
+
+  it("increments postsUsed for non-admin users", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("test@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "user-1",
+      email: "test@example.com",
+      plan: "pro",
+      postsUsed: 10,
+      isAdmin: false,
+      isLifetime: false,
+    });
+    mockPrisma.$transaction.mockResolvedValue([
+      { postsUsed: 11 },
+      { id: "post-1" },
+    ]);
+
+    const req = createMockRequest({ topic: "Test content" });
+    await POST(req);
+
+    expect(mockPrisma.$transaction).toHaveBeenCalled();
+    const txCall = mockPrisma.$transaction.mock.calls[0][0];
+    const updateCall = txCall.find((c: any) => c?.type === "user" || true);
+    expect(mockPrisma.user.update).toHaveBeenCalledWith({
+      where: { id: "user-1" },
+      data: { postsUsed: 11 },
+    });
+  });
+
+  it("does not increment postsUsed for admin users", async () => {
+    mockSession.getSessionEmail.mockResolvedValue("admin@example.com");
+    mockPrisma.user.findUnique.mockResolvedValue({
+      id: "admin-1",
+      email: "admin@example.com",
+      plan: "starter",
+      postsUsed: 50,
+      isAdmin: true,
+      isLifetime: false,
+    });
+    mockPrisma.$transaction.mockResolvedValue([
+      { postsUsed: 50 },
+      { id: "post-1" },
+    ]);
+
+    const req = createMockRequest({ topic: "Admin post" });
+    await POST(req);
+
+    expect(mockPrisma.user.update).toHaveBeenCalledWith({
+      where: { id: "admin-1" },
+      data: { postsUsed: 50 },
+    });
+  });
+});

lib/__tests__/auth.test.ts

@@ -0,0 +1,91 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { isAdminEmail, canUseLinkedIn } from "../auth";
+
+vi.mock("@/lib/session", () => ({
+  getSessionEmail: vi.fn(),
+}));
+
+vi.mock("@/lib/db", () => ({
+  prisma: {
+    user: {
+      findUnique: vi.fn(),
+    },
+  },
+}));
+
+describe("isAdminEmail", () => {
+  const originalEnv = process.env;
+
+  beforeEach(() => {
+    process.env = { ...originalEnv };
+    delete process.env.ADMIN_EMAILS;
+    delete process.env.ADMIN_EMAIL;
+  });
+
+  it("returns false for null email", () => {
+    expect(isAdminEmail(null)).toBe(false);
+  });
+
+  it("returns false for undefined email", () => {
+    expect(isAdminEmail(undefined)).toBe(false);
+  });
+
+  it("returns false for empty string", () => {
+    expect(isAdminEmail("")).toBe(false);
+  });
+
+  it("returns true when email matches ADMIN_EMAILS list", () => {
+    process.env.ADMIN_EMAILS = "admin@test.com,ceo@test.com";
+    expect(isAdminEmail("admin@test.com")).toBe(true);
+    expect(isAdminEmail("ceo@test.com")).toBe(true);
+  });
+
+  it("handles case-insensitive comparison", () => {
+    process.env.ADMIN_EMAILS = "Admin@Test.com";
+    expect(isAdminEmail("admin@test.com")).toBe(true);
+    expect(isAdminEmail("ADMIN@TEST.COM")).toBe(true);
+  });
+
+  it("returns true when email matches ADMIN_EMAIL single env", () => {
+    process.env.ADMIN_EMAIL = "founder@test.com";
+    expect(isAdminEmail("founder@test.com")).toBe(true);
+  });
+
+  it("prefers ADMIN_EMAILS over ADMIN_EMAIL", () => {
+    process.env.ADMIN_EMAILS = "ceo@test.com";
+    process.env.ADMIN_EMAIL = "founder@test.com";
+    expect(isAdminEmail("ceo@test.com")).toBe(true);
+    expect(isAdminEmail("founder@test.com")).toBe(false);
+  });
+
+  it("trims whitespace from emails", () => {
+    process.env.ADMIN_EMAIL = "  admin@test.com  ";
+    expect(isAdminEmail("  admin@test.com  ")).toBe(true);
+  });
+});
+
+describe("canUseLinkedIn", () => {
+  it("returns true for admin", () => {
+    expect(canUseLinkedIn("starter", true)).toBe(true);
+  });
+
+  it("returns true for agency plan", () => {
+    expect(canUseLinkedIn("agency", false)).toBe(true);
+  });
+
+  it("returns false for starter plan", () => {
+    expect(canUseLinkedIn("starter", false)).toBe(false);
+  });
+
+  it("returns false for pro plan", () => {
+    expect(canUseLinkedIn("pro", false)).toBe(false);
+  });
+
+  it("returns false for null plan", () => {
+    expect(canUseLinkedIn(null, false)).toBe(false);
+  });
+
+  it("returns false for undefined plan", () => {
+    expect(canUseLinkedIn(undefined, false)).toBe(false);
+  });
+});