Problem Statement
The StreamsGateway (api/src/gateways/streams.gateway.ts) has zero automated tests. It handles JWT-authenticated WebSocket connections, stream room subscription/unsubscription, and real-time event broadcasting (stream:started, stream:stopped, stream:error). All of this critical real-time infrastructure is untested. A failure in token extraction, room management, or event routing would go undetected until production.
Evidence
The api/src/ directory has only one test file for the gateway module: none for streams.gateway.ts. The unit test suite for auth service and request logger exists, but the WebSocket layer has no coverage.
Impact
WebSocket bugs (authentication bypass, event misrouting, connection leaks) cannot be caught before deployment. The gateway is one of the most security-sensitive components (JWT verification, real-time data access) with zero automated verification.
Proposed Solution
Use @nestjs/testing and socket.io-client or socket.io mock to create integration tests:
- Test handleConnection with valid JWT → connected
- Test handleConnection with invalid JWT → disconnected with error
- Test handleConnection with missing token → disconnected
- Test handleSubscribe for authenticated client → joins room
- Test handleSubscribe for unauthenticated client → returns error
- Test handleUnsubscribe → leaves room
- Test emitStarted, emitStopped, emitError → events broadcast to room only
- Test handleDisconnect → client removed from rooms
Technical Requirements
- Must use NestJS testing utilities (Test.createTestingModule)
- Must mock JwtService with known-good tokens
- Must use a real or mocked socket.io server
- Must test edge cases: null payloads, missing fields, duplicate subscriptions
Acceptance Criteria
File Map
api/src/gateways/streams.gateway.spec.ts — new test file
api/src/gateways/streams.gateway.ts — may need minor refactoring for testability
Dependencies
- Related: REPO-001 (JWT auth consistency)
Testing Strategy
- Unit: Test each method in isolation with mocked Server and Socket
- Integration: Test full connection lifecycle with real socket.io in-memory
- Test token extraction from all three sources (auth header, query, handshake auth)
- Test error handling in handleDisconnect (should never throw)
Security Considerations
Test that invalid tokens are rejected before any room join operations. Test that the gateway never accepts connections without proper JWT verification.
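The ordering check described above, as an added example that is not code from this repository: a recording mock socket is driven against a hypothetical GatewayStandIn, because the real StreamsGateway source is not shown here. MockSocket, verify, GOOD_TOKEN and scenario are assumed names; in the real spec the stand-in would be the gateway resolved from Test.createTestingModule with a mocked JwtService.

```typescript
type Handshake = Record<"headers" | "query" | "auth", Record<string, string | undefined>>;
// Mock socket that records every call so a test can assert what happened and in what order.
class MockSocket {
  calls: string[] = [];
  data: { userId?: string } = {};
  handshake: Handshake;
  constructor(h: Partial<Handshake> = {}) {
    this.handshake = { headers: h.headers ?? {}, query: h.query ?? {}, auth: h.auth ?? {} };
  }
  join(room: string): void { this.calls.push(`join:${room}`); }
  emit(event: string): void { this.calls.push(`emit:${event}`); }
  disconnect(): void { this.calls.push("disconnect"); }
}
// Mocked JWT verifier: accepts exactly one constructed known-good token.
const GOOD_TOKEN = "constructed.good.token";
function verify(token: string): { sub: string } {
  if (token !== GOOD_TOKEN) throw new Error("invalid token");
  return { sub: "user-1" };
}

// Hypothetical stand-in for the gateway (assumption; not the project's StreamsGateway).
class GatewayStandIn {
  // Token sources from the testing strategy: auth header, query, handshake auth.
  extractToken(s: MockSocket): string | undefined {
    const header = s.handshake.headers["authorization"];
    if (header && header.indexOf("Bearer ") === 0) return header.slice(7);
    return s.handshake.query["token"] ?? s.handshake.auth["token"];
  }
  handleConnection(s: MockSocket): void {
    try {
      const token = this.extractToken(s);
      if (!token) throw new Error("missing token");
      s.data.userId = verify(token).sub;
    } catch {
      s.emit("error"); s.disconnect(); // reject; userId stays unset
    }
  }
  handleSubscribe(s: MockSocket, payload: { streamId?: string } | null): { ok: boolean } {
    if (!s.data.userId || !payload?.streamId) return { ok: false };
    s.join(`stream:${payload.streamId}`);
    return { ok: true };
  }
}
// Connects, then subscribes, and returns the recorded calls for assertions.
function scenario(h: Partial<Handshake>, payload: { streamId?: string } | null = { streamId: "s1" }): string[] {
  const s = new MockSocket(h), g = new GatewayStandIn();
  g.handleConnection(s);
  g.handleSubscribe(s, payload);
  return s.calls;
}
```

A rejected connection must produce a call log with no join: entry at all, which is a stronger assertion than checking only that disconnect was called.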
Definition of Done
Labels: testing, security, high impact
Priority: High
Difficulty: Advanced
Estimated Effort: 2d
Milestone: v1.0-alpha
Backlog ID: REPO-012