feat: enhance host API authentication handling and add regression tests

tests/app-router-host-api-auth-regression.test.tsx

@@ -0,0 +1,118 @@
+import React from 'react';
+import { render, screen, waitFor } from '@testing-library/react';
+import { HashRouter } from 'react-router-dom';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { setLocale } from '../src/i18n';
+
+const mocks = vi.hoisted(() => ({
+  invoke: vi.fn(),
+}));
+
+vi.mock('../src/pages/Login', async () => {
+  const ReactModule = await import('react');
+  return {
+    default: function LoginPageMock() {
+      return ReactModule.createElement('div', null, 'login-page');
+    },
+  };
+});
+
+vi.mock('../src/pages/Setting', async () => {
+  const ReactModule = await import('react');
+
+  return {
+    default: function SettingPageMock() {
+      ReactModule.useEffect(() => {
+        void import('../src/lib/host-api').then(({ hostApiFetch }) => {
+          void hostApiFetch('/api/gateway/status').catch(() => {});
+        });
+      }, []);
+
+      return ReactModule.createElement('div', null, 'protected-setting-page');
+    },
+  };
+});
+
+import { AppRouter } from '../src/router';
+
+describe('AppRouter host api auth regression', () => {
+  function renderProtectedRoute() {
+    render(
+      <HashRouter>
+        <AppRouter />
+      </HashRouter>,
+    );
+  }
+
+  beforeEach(() => {
+    vi.clearAllMocks();
+    setLocale('en');
+    window.sessionStorage.clear();
+    window.localStorage.clear();
+    document.cookie = 'token=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/';
+    window.location.hash = '#/setting';
+    window.sessionStorage.setItem('token', JSON.stringify('access-token'));
+
+    (window as typeof window & { api?: unknown }).api = {
+      invoke: mocks.invoke,
+      platform: 'darwin',
+    };
+
+    mocks.invoke.mockImplementation(async (channel: string) => {
+      if (channel === 'hostapi:fetch') {
+        return {
+          success: false,
+          ok: false,
+          status: 401,
+          code: 'HOST_API_UNAUTHORIZED',
+          error: 'Host API authentication failed',
+        };
+      }
+
+      throw new Error(`Unexpected IPC channel: ${channel}`);
+    });
+  });
+
+  it('keeps the user on a protected route when local host api auth fails', async () => {
+    renderProtectedRoute();
+
+    expect(await screen.findByText('protected-setting-page')).toBeTruthy();
+
+    await waitFor(() => {
+      expect(mocks.invoke).toHaveBeenCalledWith('hostapi:fetch', expect.objectContaining({
+        path: '/api/gateway/status',
+      }));
+    });
+
+    await waitFor(() => {
+      expect(screen.queryByText('login-page')).toBeNull();
+      expect(screen.getByText('protected-setting-page')).toBeTruthy();
+      expect(window.sessionStorage.getItem('token')).toBe(JSON.stringify('access-token'));
+    });
+  });
+
+  it('keeps the user on a protected route when upstream api returns unauthorized', async () => {
+    mocks.invoke.mockResolvedValueOnce({
+      success: false,
+      ok: false,
+      status: 401,
+      error: 'Unauthorized',
+    });
+
+    renderProtectedRoute();
+
+    expect(await screen.findByText('protected-setting-page')).toBeTruthy();
+
+    await waitFor(() => {
+      expect(mocks.invoke).toHaveBeenCalledWith('hostapi:fetch', expect.objectContaining({
+        path: '/api/gateway/status',
+      }));
+    });
+
+    await waitFor(() => {
+      expect(screen.queryByText('login-page')).toBeNull();
+      expect(screen.getByText('protected-setting-page')).toBeTruthy();
+      expect(window.sessionStorage.getItem('token')).toBe(JSON.stringify('access-token'));
+    });
+  });
+});