Require access token presence in MainContainer auth gate before route entry

Co-Authored-By: Codex <codex@openai.com>
2026-03-08 19:01:03 +08:00
parent 0948a82eb5
commit a8cd590a11
2 changed files with 33 additions and 18 deletions
--- a/tests/views/MainContainerGuard.test.js
+++ b/tests/views/MainContainerGuard.test.js
@@ -84,14 +84,25 @@ describe("MainContainer beforeRouteEnter", () => {
    );
  });

-  it("calls next() when already logged in", async () => {
+  it("calls next() when logged-in marker and access token both exist", async () => {
    document.cookie = "isLuciaLoggedIn=true";
+    document.cookie = "luciaToken=token";

    await callGuard();

    expect(next).toHaveBeenCalled();
  });

+  it("redirects to login when logged-in marker exists without access token", async () => {
+    document.cookie = "isLuciaLoggedIn=true";
+
+    await callGuard();
+
+    expect(next).toHaveBeenCalledWith(
+      expect.objectContaining({ path: "/login" }),
+    );
+  });
+
  it("stores a relative return-to path when redirecting to login", async () => {
    window.history.replaceState(
      {},