Skip to content

Too little time for regenerating API token test #3

Description

@jbdemme

Test

"can regenerate API token" in "Me Page"

test("can regenerate API token", async ({ page }) => {
      await loginUser(page, "testuser", "testpass123")
      await page.goto("/me")

      // Generate first token
      await page.getByTestId("generate-token-button").click()
      await page.waitForSelector('[data-testid="api-token"]')
      const firstToken = await page.getByTestId("api-token").textContent()

      // Generate new token without reloading
      await page.getByTestId("generate-token-button").click()

      // Wait for token to potentially change
      await page.waitForTimeout(500)
      const secondToken = await page.getByTestId("api-token").textContent()

      // Tokens should be different
      expect(firstToken).not.toBe(secondToken)
      expect(secondToken).toBeTruthy()
    })

Problem

There is too little time for the regeneration and display of the new API token. Currently the test only waits for 300ms for the new API token to be regenerated and displayed. This cannot happen that fast with the current tools in the course.

What needs to happen from the click of the generate-token-button and the display of the new API token:

  1. Button calls a generateToken server action:
  2. The server gets the current session from auth(). We cannot pass the session or the user from the client since the client isn't trustworthy.
  3. The server generates a new token (eg. a random UUID)
  4. The server inserts the new token in the db
  5. The server action revalidates the /me path
  6. The /me path reloads leading to a query to the db for the user (including the new token) and the readingList

Especially (2), (4) and (6) take a lot of time. In total the whole process requires at a minimum 3 consecutive communications with the db: First, to write the new token to the db, second to get the new token from the db and third to get the readingList. Three database requests will realistically be close or even longer than 500ms, leading to a test failure.

We could avoid the reloading of the reading list, by only revalidating the user data with revalidateTag() and not the whole /me path, but this wasn't taught in the course so far.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions