feat(user-metadata): enhance Google metadata handling and update tests

.cursorrules/testing.md

@@ -73,6 +73,7 @@ const button = container.querySelector('.add-button');
 - Use async/await for asynchronous tests
 - Mock external services (Google Calendar API, MongoDB) appropriately
 - Test error handling and edge cases
+- **Do not import `mongoService` or other persistence layers directly in tests.** Use the test drivers in `packages/backend/src/__tests__/drivers/` (e.g. `UserDriver`, `WatchDriver`) so that tests stay agnostic of the backing store and switching away from Mongo later does not require test changes.
 
 **Real examples:**
 

.husky/pre-commit

@@ -1,4 +1,4 @@
 #!/bin/sh
 . "$(dirname "$0")/_/husky.sh"
 
-yarn lint-staged
+yarn lint-staged --quiet

docs/testing-playbook.md

@@ -209,9 +209,12 @@ Preferred style:
 - realistic request flows when possible
 - mock only external services, not internal business logic
 
+**Do not import `mongoService` (or other persistence implementations) directly in tests.** Use test drivers instead (e.g. `UserDriver`, `WatchDriver` in `packages/backend/src/__tests__/drivers/`). Drivers encapsulate persistence so that switching away from Mongo (or another store) in the future does not require changing test code.
+
 Useful anchors:
 
 - `packages/backend/src/__tests__`
+- `packages/backend/src/__tests__/drivers/`
 - `packages/backend/src/event/services/*.test.ts`
 - `packages/backend/src/sync/**/*.test.ts`
 

package.json

@@ -29,7 +29,7 @@
     "postinstall": "husky install | chmod ug+x .husky/*",
     "test": "cross-env TZ=Etc/UTC ./node_modules/.bin/jest",
     "test:e2e": "playwright test",
-    "test:backend": "yarn test backend",
+    "test:backend": "cross-env TZ=Etc/UTC ./node_modules/.bin/jest --selectProjects backend",
     "test:core": "yarn test core",
     "test:web": "cross-env TZ=Etc/UTC ./node_modules/.bin/jest web",
     "test:scripts": "yarn test scripts",

packages/backend/src/__tests__/drivers/sync.controller.driver.ts

@@ -1,9 +1,5 @@
 import request from "supertest";
 import { GCAL_NOTIFICATION_ENDPOINT } from "@core/constants/core.constants";
-import {
-  IMPORT_GCAL_END,
-  IMPORT_GCAL_START,
-} from "@core/constants/websocket.constants";
 import { Status } from "@core/errors/status.codes";
 import { type Payload_Sync_Notif } from "@core/types/sync.types";
 import { type BaseDriver } from "@backend/__tests__/drivers/base.driver";
@@ -12,33 +8,6 @@ import { encodeChannelToken } from "@backend/sync/util/watch.util";
 export class SyncControllerDriver {
   constructor(private readonly baseDriver: BaseDriver) {}
 
-  async waitUntilImportGCalStart<Result = unknown[]>(
-    websocketClient: ReturnType<BaseDriver["createWebsocketClient"]>,
-    beforeEvent: () => Promise<unknown> = () => Promise.resolve(),
-    afterEvent: (...args: void[]) => Promise<Result> = (...args) =>
-      Promise.resolve(args as Result),
-  ): Promise<Result> {
-    return this.baseDriver.waitUntilWebsocketEvent<void[], Result>(
-      websocketClient,
-      IMPORT_GCAL_START,
-      beforeEvent,
-      afterEvent,
-    );
-  }
-
-  async waitUntilImportGCalEnd<Result = unknown[]>(
-    websocketClient: ReturnType<BaseDriver["createWebsocketClient"]>,
-    beforeEvent: () => Promise<unknown> = () => Promise.resolve(),
-    afterEvent: (...args: [string | undefined]) => Promise<Result> = (
-      ...args
-    ) => Promise.resolve(args as Result),
-  ): Promise<Result> {
-    return this.baseDriver.waitUntilWebsocketEvent<
-      [string | undefined],
-      Result
-    >(websocketClient, IMPORT_GCAL_END, beforeEvent, afterEvent);
-  }
-
   async handleGoogleNotification(
     {
       token,
@@ -64,12 +33,14 @@ export class SyncControllerDriver {
 
   async importGCal(
     session?: { userId: string },
+    body?: { force?: boolean },
     status: Status = Status.NO_CONTENT,
   ): Promise<
     Omit<request.Response, "body"> & { body: { id: string; status: string } }
   > {
     return request(this.baseDriver.getServerUri())
       .post("/api/sync/import-gcal")
+      .send(body)
       .use(this.baseDriver.setSessionPlugin(session))
       .expect(status);
   }

packages/backend/src/__tests__/drivers/user-metadata.service.driver.ts

@@ -0,0 +1,19 @@
+import type { JSONObject } from "supertokens-node/recipe/usermetadata";
+import { type UserMetadata } from "@core/types/user.types";
+import userMetadataService from "@backend/user/services/user-metadata.service";
+
+export class UserMetadataServiceDriver {
+  updateUserMetadata(params: {
+    userId: string;
+    data: Partial<UserMetadata>;
+  }): Promise<UserMetadata> {
+    return userMetadataService.updateUserMetadata(params);
+  }
+
+  fetchUserMetadata(
+    userId: string,
+    userContext?: Record<string, JSONObject>,
+  ): Promise<UserMetadata> {
+    return userMetadataService.fetchUserMetadata(userId, userContext);
+  }
+}

packages/backend/src/__tests__/drivers/user.driver.ts

@@ -7,6 +7,8 @@ import userService from "../../user/services/user.service";
 
 interface CreateUserOptions {
   withGoogleRefreshToken?: boolean;
+  /** When false, creates a user with no Google data (never connected). */
+  withGoogle?: boolean;
 }
 
 export class UserDriver {
@@ -38,7 +40,7 @@ export class UserDriver {
   static async createUser(
     options: CreateUserOptions = {},
   ): Promise<WithId<Schema_User>> {
-    const { withGoogleRefreshToken = true } = options;
+    const { withGoogleRefreshToken = true, withGoogle = true } = options;
     const gUser = UserDriver.generateGoogleUser();
     const gRefreshToken = faker.internet.jwt();
 
@@ -49,6 +51,14 @@ export class UserDriver {
 
     const _id = new ObjectId(userId);
 
+    // Simulate "user never connected Google" by removing all Google data
+    if (!withGoogle) {
+      await mongoService.user.updateOne({ _id }, { $unset: { google: "" } });
+      // eslint-disable-next-line @typescript-eslint/no-unused-vars -- intentionally omit google from returned user
+      const { google: _google, ...rest } = user;
+      return { ...rest, _id };
+    }
+
     // Remove refresh token if requested (simulates revoked token scenario)
     if (!withGoogleRefreshToken) {
       await mongoService.user.updateOne(
@@ -67,6 +77,8 @@ export class UserDriver {
   }
 
   static async createUsers(count: number): Promise<Array<WithId<Schema_User>>> {
-    return Promise.all(Array.from({ length: count }, UserDriver.createUser));
+    return Promise.all(
+      Array.from({ length: count }, () => UserDriver.createUser()),
+    );
   }
 }

packages/backend/src/__tests__/drivers/watch.driver.ts

@@ -0,0 +1,14 @@
+import mongoService from "@backend/common/services/mongo.service";
+
+/**
+ * Test driver for the watch collection.
+ * Use this instead of importing mongoService in tests so persistence can be
+ * swapped (e.g. away from Mongo) without changing test code.
+ */
+export class WatchDriver {
+  static deleteManyByUser(
+    userId: string,
+  ): ReturnType<typeof mongoService.watch.deleteMany> {
+    return mongoService.watch.deleteMany({ user: userId });
+  }
+}

packages/backend/src/common/middleware/supertokens.middleware.ts

@@ -1,5 +1,4 @@
 import cors from "cors";
-import { type Credentials, type TokenPayload } from "google-auth-library";
 import { ObjectId } from "mongodb";
 import supertokens, { default as SuperTokens, User } from "supertokens-node";
 import Dashboard from "supertokens-node/recipe/dashboard";
@@ -15,9 +14,14 @@ import { BaseError } from "@core/errors/errors.base";
 import { Status } from "@core/errors/status.codes";
 import { zObjectId } from "@core/types/type.utils";
 import compassAuthService from "@backend/auth/services/compass.auth.service";
-import type { GoogleSignInSuccess } from "@backend/auth/services/google/google.auth.success.service";
 import { handleGoogleAuth } from "@backend/auth/services/google/google.auth.success.service";
 import { ENV } from "@backend/common/constants/env.constants";
+import {
+  type CreateGoogleSignInResponse,
+  type ThirdPartySignInUpInput,
+  createGoogleSignInSuccess,
+  getGoogleAuthIntent,
+} from "@backend/common/middleware/supertokens.middleware.util";
 import mongoService from "@backend/common/services/mongo.service";
 import syncService from "@backend/sync/services/sync.service";
 import userMetadataService from "@backend/user/services/user-metadata.service";
@@ -108,11 +112,36 @@ export const initSupertokens = () => {
                   }),
                 };
               },
-              async signInUp(
-                input: Parameters<typeof originalImplementation.signInUp>[0],
-              ) {
-                const response = await originalImplementation.signInUp(input);
-                await runGoogleAuth(response, input);
+            };
+          },
+          apis(originalImplementation) {
+            return {
+              ...originalImplementation,
+              async signInUpPOST(input: ThirdPartySignInUpInput) {
+                if (!originalImplementation.signInUpPOST) {
+                  throw new BaseError(
+                    "signInUpPOST not implemented",
+                    "signInUpPOST not implemented",
+                    Status.BAD_REQUEST,
+                    true,
+                  );
+                }
+
+                const response =
+                  await originalImplementation.signInUpPOST(input);
+                const body = (await input.options.req.getJSONBody()) as {
+                  googleAuthIntent?: unknown;
+                };
+                const success = createGoogleSignInSuccess(
+                  response as CreateGoogleSignInResponse,
+                  getGoogleAuthIntent(body?.googleAuthIntent),
+                  input.session?.getUserId() ?? null,
+                );
+
+                if (success) {
+                  await handleGoogleAuth(success, compassAuthService);
+                }
+
                 return response;
               },
             };
@@ -174,28 +203,3 @@ export const supertokensCors = () =>
     ],
     credentials: true,
   });
-
-function runGoogleAuth(
-  response: { status: string } & Record<string, unknown>,
-  input: { session?: { getUserId(): string } },
-): Promise<void> {
-  if (response.status !== "OK") return Promise.resolve();
-
-  const ok = response as unknown as {
-    rawUserInfoFromProvider: { fromIdTokenPayload: TokenPayload };
-    oAuthTokens: Pick<Credentials, "refresh_token" | "access_token">;
-    createdNewRecipeUser: boolean;
-    user: { id: string; loginMethods: unknown[] };
-  };
-
-  const success: GoogleSignInSuccess = {
-    providerUser: ok.rawUserInfoFromProvider.fromIdTokenPayload,
-    oAuthTokens: ok.oAuthTokens,
-    createdNewRecipeUser: ok.createdNewRecipeUser,
-    recipeUserId: ok.user.id,
-    loginMethodsLength: ok.user.loginMethods.length,
-    sessionUserId: input.session ? input.session.getUserId() : null,
-  };
-
-  return handleGoogleAuth(success, compassAuthService);
-}

packages/backend/src/common/middleware/supertokens.middleware.util.test.ts

@@ -0,0 +1,101 @@
+import { type TokenPayload } from "google-auth-library";
+import { faker } from "@faker-js/faker";
+import {
+  createGoogleSignInSuccess,
+  resolveGoogleSessionUserId,
+} from "@backend/common/middleware/supertokens.middleware.util";
+
+describe("supertokens.middleware.util", () => {
+  describe("resolveGoogleSessionUserId", () => {
+    it("prefers the current session when one exists", () => {
+      const sessionUserId = faker.database.mongodbObjectId();
+      const recipeUserId = faker.database.mongodbObjectId();
+
+      expect(
+        resolveGoogleSessionUserId({
+          sessionUserId,
+          googleAuthIntent: "reconnect",
+          createdNewRecipeUser: false,
+          recipeUserId,
+        }),
+      ).toBe(sessionUserId);
+    });
+
+    it("uses the recipe user id for reconnects without a session", () => {
+      const recipeUserId = faker.database.mongodbObjectId();
+
+      expect(
+        resolveGoogleSessionUserId({
+          sessionUserId: null,
+          googleAuthIntent: "reconnect",
+          createdNewRecipeUser: false,
+          recipeUserId,
+        }),
+      ).toBe(recipeUserId);
+    });
+
+    it("keeps normal returning users on the sign-in path without reconnect intent", () => {
+      expect(
+        resolveGoogleSessionUserId({
+          sessionUserId: null,
+          createdNewRecipeUser: false,
+          recipeUserId: faker.database.mongodbObjectId(),
+        }),
+      ).toBeNull();
+    });
+
+    it("does not force reconnect behavior for new users", () => {
+      expect(
+        resolveGoogleSessionUserId({
+          sessionUserId: null,
+          googleAuthIntent: "reconnect",
+          createdNewRecipeUser: true,
+          recipeUserId: faker.database.mongodbObjectId(),
+        }),
+      ).toBeNull();
+    });
+  });
+
+  describe("createGoogleSignInSuccess", () => {
+    it("returns null for non-OK responses", () => {
+      expect(
+        createGoogleSignInSuccess({
+          status: "SIGN_IN_UP_NOT_ALLOWED",
+        } as Parameters<typeof createGoogleSignInSuccess>[0]),
+      ).toBeNull();
+    });
+
+    it("embeds reconnect fallback user id into the auth success payload", () => {
+      const recipeUserId = faker.database.mongodbObjectId();
+      const success = createGoogleSignInSuccess(
+        {
+          status: "OK",
+          rawUserInfoFromProvider: {
+            fromIdTokenPayload: {
+              sub: faker.string.uuid(),
+              email: faker.internet.email(),
+            } as TokenPayload,
+          },
+          oAuthTokens: {
+            refresh_token: faker.string.uuid(),
+            access_token: faker.internet.jwt(),
+          },
+          createdNewRecipeUser: false,
+          user: {
+            id: recipeUserId,
+            loginMethods: [{}],
+          },
+        } as Parameters<typeof createGoogleSignInSuccess>[0],
+        "reconnect",
+        null,
+      );
+
+      expect(success).toMatchObject({
+        createdNewRecipeUser: false,
+        recipeUserId,
+        sessionUserId: recipeUserId,
+        loginMethodsLength: 1,
+      });
+    });
+  });
+});