feat(e2e): add Playwright E2E testing infrastructure and critical path tests

Set up Playwright with dual-project config (API + Web), auth test fixtures, 16 E2E tests covering registration, login, profile, token refresh, and homepage rendering. Added GitHub Actions CI workflow for automated E2E runs. Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-08 01:41:07 +07:00
parent 391c040100
commit 9301f44119
12 changed files with 1660 additions and 2 deletions
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -0,0 +1,75 @@
+name: E2E Tests
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: e2e-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  e2e:
+    name: Playwright E2E
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+
+    services:
+      postgres:
+        image: postgis/postgis:16-3.4
+        env:
+          POSTGRES_DB: goodgo_test
+          POSTGRES_USER: goodgo
+          POSTGRES_PASSWORD: goodgo_test_secret
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd "pg_isready -U goodgo -d goodgo_test"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+          --health-start-period 30s
+
+    env:
+      DATABASE_URL: postgresql://goodgo:goodgo_test_secret@localhost:5432/goodgo_test
+      NODE_ENV: test
+      JWT_SECRET: e2e-test-jwt-secret-key
+      JWT_REFRESH_SECRET: e2e-test-refresh-secret-key
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 22
+          cache: pnpm
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Install Playwright browsers
+        run: npx playwright install --with-deps chromium
+
+      - name: Run database migrations
+        run: pnpm db:migrate:deploy
+
+      - name: Build apps
+        run: pnpm build
+
+      - name: Run E2E tests
+        run: pnpm test:e2e
+
+      - name: Upload test report
+        if: ${{ !cancelled() }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-report
+          path: playwright-report/
+          retention-days: 14
--- a/.gitignore
+++ b/.gitignore
@@ -26,6 +26,9 @@ Thumbs.db

 # testing
 coverage/
+playwright-report/
+test-results/
+blob-report/

 # misc
 *.log
--- a/e2e/api/auth-login.spec.ts
+++ b/e2e/api/auth-login.spec.ts
@@ -0,0 +1,39 @@
+import { test, expect } from '@playwright/test';
+import { createTestUser, registerUser } from '../fixtures';
+
+test.describe('POST /auth/login', () => {
+  test('logs in with valid credentials and returns token pair', async ({ request }) => {
+    const user = createTestUser();
+    await registerUser(request, user);
+
+    const res = await request.post('/auth/login', {
+      data: { phone: user.phone, password: user.password },
+    });
+
+    expect(res.status()).toBe(201);
+    const body = await res.json();
+    expect(body).toHaveProperty('accessToken');
+    expect(body).toHaveProperty('refreshToken');
+  });
+
+  test('rejects login with wrong password', async ({ request }) => {
+    const user = createTestUser();
+    await registerUser(request, user);
+
+    const res = await request.post('/auth/login', {
+      data: { phone: user.phone, password: 'WrongPassword!1' },
+    });
+
+    expect(res.ok()).toBeFalsy();
+    expect(res.status()).toBe(401);
+  });
+
+  test('rejects login with non-existent phone', async ({ request }) => {
+    const res = await request.post('/auth/login', {
+      data: { phone: '0900000001', password: 'Test@1234!' },
+    });
+
+    expect(res.ok()).toBeFalsy();
+    expect(res.status()).toBe(401);
+  });
+});
--- a/e2e/api/auth-profile.spec.ts
+++ b/e2e/api/auth-profile.spec.ts
@@ -0,0 +1,29 @@
+import { test, expect } from '../fixtures';
+
+test.describe('GET /auth/profile', () => {
+  test('returns user profile for authenticated user', async ({ authedRequest, testUser }) => {
+    const res = await authedRequest.get('/auth/profile');
+
+    expect(res.status()).toBe(200);
+    const body = await res.json();
+    expect(body).toHaveProperty('id');
+    expect(body.phone).toBe(testUser.phone);
+    expect(body.fullName).toBe(testUser.fullName);
+  });
+
+  test('rejects unauthenticated requests', async ({ request }) => {
+    const res = await request.get('/auth/profile');
+
+    expect(res.ok()).toBeFalsy();
+    expect(res.status()).toBe(401);
+  });
+
+  test('rejects requests with invalid token', async ({ request }) => {
+    const res = await request.get('/auth/profile', {
+      headers: { Authorization: 'Bearer invalid.jwt.token' },
+    });
+
+    expect(res.ok()).toBeFalsy();
+    expect(res.status()).toBe(401);
+  });
+});
--- a/e2e/api/auth-refresh.spec.ts
+++ b/e2e/api/auth-refresh.spec.ts
@@ -0,0 +1,24 @@
+import { test, expect } from '../fixtures';
+
+test.describe('POST /auth/refresh', () => {
+  test('refreshes tokens with valid refresh token', async ({ request, testTokens }) => {
+    const res = await request.post('/auth/refresh', {
+      data: { refreshToken: testTokens.refreshToken },
+    });
+
+    expect(res.status()).toBe(201);
+    const body = await res.json();
+    expect(body).toHaveProperty('accessToken');
+    expect(body).toHaveProperty('refreshToken');
+    // New tokens should differ from original
+    expect(body.accessToken).not.toBe(testTokens.accessToken);
+  });
+
+  test('rejects invalid refresh token', async ({ request }) => {
+    const res = await request.post('/auth/refresh', {
+      data: { refreshToken: 'invalid-refresh-token' },
+    });
+
+    expect(res.ok()).toBeFalsy();
+  });
+});
--- a/e2e/api/auth-register.spec.ts
+++ b/e2e/api/auth-register.spec.ts
@@ -0,0 +1,52 @@
+import { test, expect } from '@playwright/test';
+import { createTestUser } from '../fixtures';
+
+test.describe('POST /auth/register', () => {
+  test('registers a new user and returns token pair', async ({ request }) => {
+    const user = createTestUser();
+
+    const res = await request.post('/auth/register', { data: user });
+
+    expect(res.status()).toBe(201);
+    const body = await res.json();
+    expect(body).toHaveProperty('accessToken');
+    expect(body).toHaveProperty('refreshToken');
+    expect(typeof body.accessToken).toBe('string');
+    expect(typeof body.refreshToken).toBe('string');
+  });
+
+  test('rejects duplicate phone registration', async ({ request }) => {
+    const user = createTestUser();
+
+    // First registration should succeed
+    const first = await request.post('/auth/register', { data: user });
+    expect(first.ok()).toBeTruthy();
+
+    // Second registration with same phone should fail
+    const second = await request.post('/auth/register', { data: user });
+    expect(second.ok()).toBeFalsy();
+    expect(second.status()).toBeGreaterThanOrEqual(400);
+  });
+
+  test('rejects registration with missing required fields', async ({ request }) => {
+    const res = await request.post('/auth/register', {
+      data: { phone: '0912345678' },
+    });
+
+    expect(res.ok()).toBeFalsy();
+    expect(res.status()).toBe(400);
+  });
+
+  test('rejects registration with short password', async ({ request }) => {
+    const res = await request.post('/auth/register', {
+      data: {
+        phone: '0912345678',
+        password: 'short',
+        fullName: 'Test',
+      },
+    });
+
+    expect(res.ok()).toBeFalsy();
+    expect(res.status()).toBe(400);
+  });
+});
--- a/e2e/fixtures/auth.fixture.ts
+++ b/e2e/fixtures/auth.fixture.ts
@@ -0,0 +1,82 @@
+import { test as base, type APIRequestContext } from '@playwright/test';
+
+/** Shape returned by POST /auth/register and POST /auth/login */
+export interface TokenPair {
+  accessToken: string;
+  refreshToken: string;
+}
+
+/** Generates a unique test user payload for each test run. */
+export function createTestUser(suffix = Date.now()) {
+  return {
+    phone: `09${String(suffix).slice(-8).padStart(8, '0')}`,
+    password: 'Test@1234!',
+    fullName: `Test User ${suffix}`,
+    email: `testuser${suffix}@goodgo.test`,
+  };
+}
+
+/** Registers a new user via the API and returns the token pair. */
+export async function registerUser(
+  request: APIRequestContext,
+  user = createTestUser(),
+): Promise<TokenPair & { user: ReturnType<typeof createTestUser> }> {
+  const res = await request.post('/auth/register', { data: user });
+  if (!res.ok()) {
+    const body = await res.text();
+    throw new Error(`Register failed (${res.status()}): ${body}`);
+  }
+  const tokens: TokenPair = await res.json();
+  return { ...tokens, user };
+}
+
+/** Logs in an existing user and returns the token pair. */
+export async function loginUser(
+  request: APIRequestContext,
+  phone: string,
+  password: string,
+): Promise<TokenPair> {
+  const res = await request.post('/auth/login', {
+    data: { phone, password },
+  });
+  if (!res.ok()) {
+    const body = await res.text();
+    throw new Error(`Login failed (${res.status()}): ${body}`);
+  }
+  return res.json();
+}
+
+/**
+ * Extended test fixture that provides a pre-authenticated API context.
+ *
+ * Usage:
+ *   import { test } from '../fixtures/auth.fixture';
+ *   test('my test', async ({ authedRequest, testTokens }) => { ... });
+ */
+export const test = base.extend<{
+  testUser: ReturnType<typeof createTestUser>;
+  testTokens: TokenPair;
+  authedRequest: APIRequestContext;
+}>({
+  testUser: async ({}, use) => {
+    await use(createTestUser());
+  },
+
+  testTokens: async ({ request, testUser }, use) => {
+    const { accessToken, refreshToken } = await registerUser(request, testUser);
+    await use({ accessToken, refreshToken });
+  },
+
+  authedRequest: async ({ playwright, testTokens, baseURL }, use) => {
+    const ctx = await playwright.request.newContext({
+      baseURL,
+      extraHTTPHeaders: {
+        Authorization: `Bearer ${testTokens.accessToken}`,
+      },
+    });
+    await use(ctx);
+    await ctx.dispose();
+  },
+});
+
+export { expect } from '@playwright/test';
--- a/e2e/fixtures/index.ts
+++ b/e2e/fixtures/index.ts
@@ -0,0 +1,3 @@
+export { test, expect } from './auth.fixture';
+export { createTestUser, registerUser, loginUser } from './auth.fixture';
+export type { TokenPair } from './auth.fixture';
--- a/e2e/web/homepage.spec.ts
+++ b/e2e/web/homepage.spec.ts
@@ -0,0 +1,39 @@
+import { test, expect } from '@playwright/test';
+
+test.describe('Homepage', () => {
+  test('loads and displays platform title', async ({ page }) => {
+    await page.goto('/');
+
+    await expect(page.locator('h1')).toContainText('GoodGo Platform');
+    await expect(page.locator('p')).toContainText('Vietnam Real Estate Platform');
+  });
+
+  test('has correct page title', async ({ page }) => {
+    await page.goto('/');
+
+    await expect(page).toHaveTitle(/GoodGo/i);
+  });
+
+  test('renders without console errors', async ({ page }) => {
+    const errors: string[] = [];
+    page.on('console', (msg) => {
+      if (msg.type() === 'error') errors.push(msg.text());
+    });
+
+    await page.goto('/');
+    await page.waitForLoadState('networkidle');
+
+    expect(errors).toHaveLength(0);
+  });
+
+  test('is responsive — mobile viewport', async ({ page }) => {
+    await page.setViewportSize({ width: 375, height: 667 });
+    await page.goto('/');
+
+    const main = page.locator('main');
+    await expect(main).toBeVisible();
+
+    const h1 = page.locator('h1');
+    await expect(h1).toBeVisible();
+  });
+});
--- a/package.json
+++ b/package.json
@@ -29,6 +29,10 @@
    "db:seed": "prisma db seed",
    "db:studio": "prisma studio",
    "db:reset": "prisma migrate reset",
+    "test:e2e": "playwright test",
+    "test:e2e:api": "playwright test --project=api",
+    "test:e2e:web": "playwright test --project=web",
+    "test:e2e:report": "playwright show-report",
    "prepare": "husky"
  },
  "lint-staged": {
@@ -45,6 +49,7 @@
  },
  "devDependencies": {
    "@eslint/js": "^9.39.4",
+    "@playwright/test": "^1.59.1",
    "dependency-cruiser": "^17.3.10",
    "eslint": "^9.39.4",
    "eslint-config-prettier": "^10.1.8",
--- a/playwright.config.ts
+++ b/playwright.config.ts
@@ -0,0 +1,62 @@
+import { defineConfig, devices } from '@playwright/test';
+
+/**
+ * Playwright E2E configuration for Goodgo Platform.
+ *
+ * Projects:
+ *   - "api" — tests against the NestJS API (port 3001)
+ *   - "web" — tests against the Next.js frontend (port 3000)
+ */
+export default defineConfig({
+  testDir: './e2e',
+  fullyParallel: true,
+  forbidOnly: !!process.env.CI,
+  retries: process.env.CI ? 2 : 0,
+  workers: process.env.CI ? 1 : undefined,
+  reporter: process.env.CI
+    ? [['html', { open: 'never' }], ['github']]
+    : [['html', { open: 'on-failure' }]],
+
+  use: {
+    trace: 'on-first-retry',
+    screenshot: 'only-on-failure',
+  },
+
+  projects: [
+    // API E2E tests — no browser needed, uses APIRequestContext
+    {
+      name: 'api',
+      testDir: './e2e/api',
+      use: {
+        baseURL: process.env.API_BASE_URL ?? 'http://localhost:3001',
+      },
+    },
+    // Web E2E tests — Chromium browser
+    {
+      name: 'web',
+      testDir: './e2e/web',
+      use: {
+        ...devices['Desktop Chrome'],
+        baseURL: process.env.WEB_BASE_URL ?? 'http://localhost:3000',
+      },
+    },
+  ],
+
+  webServer: [
+    {
+      command: 'pnpm --filter @goodgo/api run dev',
+      url: 'http://localhost:3001',
+      reuseExistingServer: !process.env.CI,
+      timeout: 30_000,
+      env: {
+        NODE_ENV: 'test',
+      },
+    },
+    {
+      command: 'pnpm --filter @goodgo/web run dev',
+      url: 'http://localhost:3000',
+      reuseExistingServer: !process.env.CI,
+      timeout: 30_000,
+    },
+  ],
+});
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml