Trek_CN/client/tests/unit/api
jubnl b556c636eb
fix: tighten 401 redirect allowlist and add reset-password paths
Replaced loose includes()/startsWith() path checks with exact equality
for static routes and strict prefix matching for dynamic-token routes.
Added /forgot-password and /reset-password to the allowlist so the
password-reset flow is usable without auth. Extracted isAuthPublicPath
as a pure testable function with 14 unit tests covering regressions.
2026-04-20 21:55:15 +02:00
..
authUrl.test.ts fix(tests): use node:buffer.Blob so URL.createObjectURL works on Node 22 2026-04-07 23:54:01 +02:00
client.interceptor.test.ts fix: tighten 401 redirect allowlist and add reset-password paths 2026-04-20 21:55:15 +02:00