This ticket was generated by AI (to-tickets) from #43.
Parent
#43
What to build
A test safety net that exists before any auth code is moved. Wire up the repo's test runner (bun test) to run against ephemeral Postgres + Redis, and write characterization tests that pin the current behavior of the two stable contracts everything depends on: the auth service's get-session HTTP endpoint and API-key validation. These tests are the tripwire that proves the later unification is behaviour-preserving.
Acceptance criteria
Blocked by
- None — can start immediately
Parent
#43
What to build
A test safety net that exists before any auth code is moved. Wire up the repo's test runner (
bun test) to run against ephemeral Postgres + Redis, and write characterization tests that pin the current behavior of the two stable contracts everything depends on: the auth service'sget-sessionHTTP endpoint and API-key validation. These tests are the tripwire that proves the later unification is behaviour-preserving.Acceptance criteria
bun testruns in CI and locally against ephemeral (containerized) Postgres + Redis, torn down after the runget-session: valid session, invalid/absent session, expired sessionBlocked by