Skip to content

feat: implement admin dashboard API endpoints #79

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Cedarich merged 2 commits into from
Feb 21, 2026
Merged

feat: implement admin dashboard API endpoints #79

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
884b826
fixed eslint
Xhristin3 Feb 21, 2026
f4bd1f1
Merge branch 'main' into feat/admin-api
Xhristin3 Feb 21, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions apps/backend/test/app.e2e-spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,10 @@
import { Test, TestingModule } from '@nestjs/testing';
import { INestApplication } from '@nestjs/common';
import request from 'supertest';
import { App } from 'supertest/types';
import { AppModule } from './../src/app.module';

describe('AppController (e2e)', () => {
let app: INestApplication<App>;
let app: INestApplication;

beforeEach(async () => {
const moduleFixture: TestingModule = await Test.createTestingModule({
Expand All @@ -17,7 +16,7 @@
});

it('/ (GET)', () => {
return request(app.getHttpServer())

Check warning on line 19 in apps/backend/test/app.e2e-spec.ts

View workflow job for this annotation

GitHub Actions / build 

Unsafe argument of type `any` assigned to a parameter of type `App`
.get('/')
.expect(200)
.expect('Hello World!');
Expand Down
21 changes: 11 additions & 10 deletions apps/backend/test/auth.e2e-spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
import { Test, TestingModule } from '@nestjs/testing';
import { INestApplication, ValidationPipe } from '@nestjs/common';
import supertest from 'supertest';
import request from 'supertest';
import type { Server } from 'http';
import { AppModule } from './../src/app.module';
import supertest from 'supertest';

// Mock Stellar keypair for testing
interface MockKeypair {
Expand Down Expand Up @@ -73,7 +74,7 @@ describe('AuthController (e2e)', () => {

describe('/auth/challenge (POST)', () => {
it('should return a unique nonce for a wallet address', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.post('/auth/challenge')
.send({ walletAddress: testWalletAddress })
.expect(200);
Expand All @@ -86,7 +87,7 @@ describe('AuthController (e2e)', () => {
});

it('should return 400 for invalid wallet address', async () => {
await supertest(httpServer)
await request(httpServer)
.post('/auth/challenge')
.send({ walletAddress: 'invalid-address' })
.expect(400);
Expand All @@ -96,15 +97,15 @@ describe('AuthController (e2e)', () => {
describe('/auth/verify (POST)', () => {
it('should verify a valid signature and return tokens', async () => {
// First get a challenge
const challengeResponse = await supertest(httpServer)
const challengeResponse = await request(httpServer)
.post('/auth/challenge')
.send({ walletAddress: testWalletAddress })
.expect(200);

const message = (challengeResponse.body as ChallengeResponse).message;
const signature = testKeypair.sign(Buffer.from(message)).toString('hex');

const response = await supertest(httpServer)
const response = await request(httpServer)
.post('/auth/verify')
.send({
walletAddress: testWalletAddress,
Expand All @@ -121,7 +122,7 @@ describe('AuthController (e2e)', () => {
});

it('should return 401 for invalid signature', async () => {
await supertest(httpServer)
await request(httpServer)
.post('/auth/verify')
.send({
walletAddress: testWalletAddress,
Expand All @@ -135,15 +136,15 @@ describe('AuthController (e2e)', () => {
describe('/auth/me (GET)', () => {
beforeEach(async () => {
// Get a valid access token
const challengeResponse = await supertest(httpServer)
const challengeResponse = await request(httpServer)
.post('/auth/challenge')
.send({ walletAddress: testWalletAddress })
.expect(200);

const message = (challengeResponse.body as ChallengeResponse).message;
const signature = testKeypair.sign(Buffer.from(message)).toString('hex');

const verifyResponse = await supertest(httpServer)
const verifyResponse = await request(httpServer)
.post('/auth/verify')
.send({
walletAddress: testWalletAddress,
Expand All @@ -156,7 +157,7 @@ describe('AuthController (e2e)', () => {
});

it('should return current user with valid token', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.get('/auth/me')
.set('Authorization', `Bearer ${accessToken}`)
.expect(200);
Expand All @@ -175,7 +176,7 @@ describe('AuthController (e2e)', () => {
});

it('should return 401 with invalid token', async () => {
await supertest(httpServer)
await request(httpServer)
.get('/auth/me')
.set('Authorization', 'Bearer invalid-token')
.expect(401);
Expand Down
54 changes: 27 additions & 27 deletions apps/backend/test/escrow.e2e-spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { Test, TestingModule } from '@nestjs/testing';
import { INestApplication, ValidationPipe } from '@nestjs/common';
import supertest from 'supertest';
import request from 'supertest';
import type { Server } from 'http';
import { AppModule } from '../src/app.module';
import { TypeOrmModule } from '@nestjs/typeorm';
Expand Down Expand Up @@ -67,14 +67,14 @@ describe('Escrow (e2e)', () => {
httpServer = app.getHttpServer() as Server;

// Authenticate first user
const challengeResponse = await supertest(httpServer)
const challengeResponse = await request(httpServer)
.post('/auth/challenge')
.send({ walletAddress: testWalletAddress });

const message = (challengeResponse.body as { message: string }).message;
const signature = testKeypair.sign(message).toString('hex');

const verifyResponse = await supertest(httpServer)
const verifyResponse = await request(httpServer)
.post('/auth/verify')
.send({
walletAddress: testWalletAddress,
Expand All @@ -84,28 +84,28 @@ describe('Escrow (e2e)', () => {

accessToken = (verifyResponse.body as { accessToken: string }).accessToken;

const meResponse = await supertest(httpServer)
const meResponse = await request(httpServer)
.get('/auth/me')
.set('Authorization', `Bearer ${accessToken}`);
userId = (meResponse.body as { id: string }).id;

// Authenticate second user
const challenge2 = await supertest(httpServer)
const challenge2 = await request(httpServer)
.post('/auth/challenge')
.send({ walletAddress: secondWalletAddress });

const message2 = (challenge2.body as { message: string }).message;
const signature2 = secondKeypair.sign(message2).toString('hex');

const verify2 = await supertest(httpServer).post('/auth/verify').send({
const verify2 = await request(httpServer).post('/auth/verify').send({
walletAddress: secondWalletAddress,
signature: signature2,
publicKey: secondWalletAddress,
});

secondAccessToken = (verify2.body as { accessToken: string }).accessToken;

const me2 = await supertest(httpServer)
const me2 = await request(httpServer)
.get('/auth/me')
.set('Authorization', `Bearer ${secondAccessToken}`);
secondUserId = (me2.body as { id: string }).id;
Expand Down Expand Up @@ -133,7 +133,7 @@ describe('Escrow (e2e)', () => {

describe('POST /escrows', () => {
it('should create an escrow', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.post('/escrows')
.set('Authorization', `Bearer ${accessToken}`)
.send({
Expand All @@ -154,7 +154,7 @@ describe('Escrow (e2e)', () => {
});

it('should create an escrow with conditions', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.post('/escrows')
.set('Authorization', `Bearer ${accessToken}`)
.send({
Expand All @@ -173,7 +173,7 @@ describe('Escrow (e2e)', () => {
});

it('should return 400 for invalid data', async () => {
await supertest(httpServer)
await request(httpServer)
.post('/escrows')
.set('Authorization', `Bearer ${accessToken}`)
.send({
Expand All @@ -184,7 +184,7 @@ describe('Escrow (e2e)', () => {
});

it('should return 401 without auth token', async () => {
await supertest(httpServer)
await request(httpServer)
.post('/escrows')
.send({
title: 'Test Escrow',
Expand All @@ -197,7 +197,7 @@ describe('Escrow (e2e)', () => {

describe('GET /escrows', () => {
it('should return user escrows', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.get('/escrows')
.set('Authorization', `Bearer ${accessToken}`)
.expect(200);
Expand All @@ -211,7 +211,7 @@ describe('Escrow (e2e)', () => {
});

it('should support pagination', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.get('/escrows?page=1&limit=5')
.set('Authorization', `Bearer ${accessToken}`)
.expect(200);
Expand All @@ -222,7 +222,7 @@ describe('Escrow (e2e)', () => {
});

it('should filter by status', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.get('/escrows?status=pending')
.set('Authorization', `Bearer ${accessToken}`)
.expect(200);
Expand All @@ -234,15 +234,15 @@ describe('Escrow (e2e)', () => {
});

it('should return 401 without auth token', async () => {
await supertest(httpServer).get('/escrows').expect(401);
await request(httpServer).get('/escrows').expect(401);
});
});

describe('GET /escrows/:id', () => {
let escrowId: string;

beforeAll(async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.post('/escrows')
.set('Authorization', `Bearer ${accessToken}`)
.send({
Expand All @@ -254,7 +254,7 @@ describe('Escrow (e2e)', () => {
});

it('should return escrow details for creator', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.get(`/escrows/${escrowId}`)
.set('Authorization', `Bearer ${accessToken}`)
.expect(200);
Expand All @@ -265,7 +265,7 @@ describe('Escrow (e2e)', () => {
});

it('should return escrow details for party', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.get(`/escrows/${escrowId}`)
.set('Authorization', `Bearer ${secondAccessToken}`)
.expect(200);
Expand All @@ -275,7 +275,7 @@ describe('Escrow (e2e)', () => {
});

it('should return 404 for non-existent escrow', async () => {
await supertest(httpServer)
await request(httpServer)
.get('/escrows/non-existent-id')
.set('Authorization', `Bearer ${accessToken}`)
.expect(404);
Expand All @@ -286,7 +286,7 @@ describe('Escrow (e2e)', () => {
let escrowId: string;

beforeEach(async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.post('/escrows')
.set('Authorization', `Bearer ${accessToken}`)
.send({
Expand All @@ -298,7 +298,7 @@ describe('Escrow (e2e)', () => {
});

it('should update escrow by creator', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.patch(`/escrows/${escrowId}`)
.set('Authorization', `Bearer ${accessToken}`)
.send({ title: 'Updated Title' })
Expand All @@ -309,7 +309,7 @@ describe('Escrow (e2e)', () => {
});

it('should return 403 when non-creator tries to update', async () => {
await supertest(httpServer)
await request(httpServer)
.patch(`/escrows/${escrowId}`)
.set('Authorization', `Bearer ${secondAccessToken}`)
.send({ title: 'Unauthorized Update' })
Expand All @@ -321,7 +321,7 @@ describe('Escrow (e2e)', () => {
let escrowId: string;

beforeEach(async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.post('/escrows')
.set('Authorization', `Bearer ${accessToken}`)
.send({
Expand All @@ -333,7 +333,7 @@ describe('Escrow (e2e)', () => {
});

it('should cancel escrow by creator', async () => {
const response = await supertest(httpServer)
const response = await request(httpServer)
.post(`/escrows/${escrowId}/cancel`)
.set('Authorization', `Bearer ${accessToken}`)
.send({ reason: 'Changed my mind' })
Expand All @@ -344,7 +344,7 @@ describe('Escrow (e2e)', () => {
});

it('should return 403 when non-creator tries to cancel pending escrow', async () => {
await supertest(httpServer)
await request(httpServer)
.post(`/escrows/${escrowId}/cancel`)
.set('Authorization', `Bearer ${secondAccessToken}`)
.send({ reason: 'Unauthorized cancel' })
Expand All @@ -353,13 +353,13 @@ describe('Escrow (e2e)', () => {

it('should return 400 when trying to cancel already cancelled escrow', async () => {
// First cancel
await supertest(httpServer)
await request(httpServer)
.post(`/escrows/${escrowId}/cancel`)
.set('Authorization', `Bearer ${accessToken}`)
.send({});

// Try to cancel again
await supertest(httpServer)
await request(httpServer)
.post(`/escrows/${escrowId}/cancel`)
.set('Authorization', `Bearer ${accessToken}`)
.send({})
Expand Down
Loading