fix: Svelte 5 test event delegation + login auth regression #46

Merged

marcel merged 2 commits from fix/svelte5-test-delegation-and-login-auth into main

2026-03-22 14:56:14 +01:00

Author	SHA1	Message	Date
Marcel	9731afb776	fix(auth): pass through explicit Authorization header in handleFetch Some checks failed CI / Unit & Component Tests (pull_request) Successful in 2m9s Details CI / Backend Unit Tests (pull_request) Successful in 2m2s Details CI / E2E Tests (pull_request) Failing after 17m15s Details CI / Unit & Component Tests (push) Successful in 2m4s Details CI / Backend Unit Tests (push) Successful in 2m0s Details CI / E2E Tests (push) Failing after 16m27s Details The login action sends Basic auth via an explicit Authorization header. handleFetch was intercepting this request and returning 401 because no auth_token cookie exists yet (the user isn't logged in), never forwarding the credentials to the backend. Fix: if the outgoing request already has an Authorization header, pass it through unchanged. Only inject the cookie-based token for requests that don't provide their own auth. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-22 12:38:01 +01:00
Marcel	f6634f1d00	fix(tests): fix Svelte 5 event delegation not firing via Playwright locator clicks Replace Playwright locator .click() calls with native DOM element.click() for all tests that trigger Svelte 5 delegated onclick handlers ($.delegated). Playwright's CDP-based synthetic events don't propagate through Svelte 5's document-level handle_event_propagation delegation mechanism, while native DOM .click() does. Also replace locator.click() with element.focus() for onfocus handler tests, and add cleanup() to afterEach in all spec files missing it to prevent test pollution between runs. Fix TagInput.svelte to use untrack() when reading bindable state after an await to avoid track_reactivity_loss errors. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-22 12:34:56 +01:00

Author

SHA1

Message

Date

Marcel

9731afb776

fix(auth): pass through explicit Authorization header in handleFetch

CI / Unit & Component Tests (pull_request) Successful in 2m9s

Details

CI / Backend Unit Tests (pull_request) Successful in 2m2s

Details

CI / E2E Tests (pull_request) Failing after 17m15s

Details

CI / Unit & Component Tests (push) Successful in 2m4s

Details

CI / Backend Unit Tests (push) Successful in 2m0s

Details

CI / E2E Tests (push) Failing after 16m27s

Details

The login action sends Basic auth via an explicit Authorization header.
handleFetch was intercepting this request and returning 401 because no
auth_token cookie exists yet (the user isn't logged in), never forwarding
the credentials to the backend.

Fix: if the outgoing request already has an Authorization header, pass it
through unchanged. Only inject the cookie-based token for requests that
don't provide their own auth.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-22 12:38:01 +01:00

Marcel

f6634f1d00

fix(tests): fix Svelte 5 event delegation not firing via Playwright locator clicks

Replace Playwright locator .click() calls with native DOM element.click()
for all tests that trigger Svelte 5 delegated onclick handlers ($.delegated).
Playwright's CDP-based synthetic events don't propagate through Svelte 5's
document-level handle_event_propagation delegation mechanism, while native
DOM .click() does.

Also replace locator.click() with element.focus() for onfocus handler tests,
and add cleanup() to afterEach in all spec files missing it to prevent test
pollution between runs. Fix TagInput.svelte to use untrack() when reading
bindable state after an await to avoid track_reactivity_loss errors.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-22 12:34:56 +01:00

fix: Svelte 5 test event delegation + login auth regression #46

2 Commits