will.anderson
|
dbb8035698
|
Add comprehensive checkout + Stripe payment flow tests
- checkout-flows.spec.ts: 60 tests covering all 3 plan variants (free/
professional/founding), auth section visibility, form validation,
sign-in/sign-up toggle, mocked Supabase auth flows (sign-up, email-
confirm-required, existing session, sign-in error), DOM transitions
(auth-section → payment-section, free-success panel), auth badge
content + email pre-fill, /api/checkout and /api/supabase-config
endpoint contracts, CORS enforcement
- checkout-stripe.spec.ts: 45 tests covering Stripe.js presence,
NEURON_CFG shape, submit-btn disabled state, founding attestation
checkbox + attest-warn guard, professional charge timing radios,
setup_mode label, mocked full Stripe payment flow via addInitScript +
/api/payment-intent intercept, submit validation (name/email),
decline handling, sold-out guard, /api/payment-intent /api/link-
customer /api/attest /api/founding-count endpoint contracts, and
live test-card flows (skipped unless STRIPE_LIVE=1)
Mocking strategy: page.route() for /api/supabase-config + Supabase
auth endpoints; addInitScript() for window.Stripe mock; localStorage
pre-seeding for existing-session tests.
|
2026-05-11 01:18:37 -05:00 |
|
will.anderson
|
cac7bd5727
|
test: full Playwright + API test suite for stage
Dev — Build & local smoke test / build-smoke (pull_request) Successful in 1m52s
159 tests across three Playwright projects (api, chromium, mobile):
- tests/api/security.test.ts: security headers, CORS on /api/supabase-config
(origin allowlist enforced), auth gate on /api/demo, Stripe webhook
signature enforcement, source file leakage, path traversal, input
validation (8000-char message cap)
- tests/api/endpoints.test.ts: /api/health, /api/founding-count shape
invariants, /api/supabase-config JWT shape, sitemap.xml, robots.txt,
/llms.txt, /api/soul-health internal gate, 404 for unknown routes
- tests/e2e/landing.spec.ts: title, h1 count, meta description, OG tags,
canonical (no stage leak), JSON-LD schema, demo widget DOM presence,
JS error filtering (known GTM/CSP noise excluded)
- tests/e2e/seo.spec.ts: per-page title patterns, noindex on checkout,
canonical URLs, sitemap production-URL enforcement
- tests/e2e/checkout.spec.ts: all three plan variants, auth section, payment
element, canonical
- tests/e2e/chat.spec.ts: widget DOM structure, auth gate (send button
disabled without session), API-level auth rejection
- tests/e2e/navigation.spec.ts: all public routes return 200, 404s for
removed/old paths (/terms, /enterprise-terms, /gallery), static files
All 159 pass against stage. CI step added to stage.yaml after smoke test.
|
2026-05-11 00:28:33 -05:00 |
|