import { expect, test } from './fixtures'; const moicenUnionid = process.env.MOICEN_E2E_UNIONID?.trim(); test.describe('已登录用户与串号防护', () => { test.skip(!moicenUnionid, '需要 MOICEN_E2E_UNIONID(Secret 或 .env.e2e)'); test('login2_with_unionid 后不应停留在未登录占位,应出现身份或工作台', async ({ page, }) => { const q = new URLSearchParams({ unionid: moicenUnionid!, status: '2', }); await page.goto(`/?${q.toString()}`, { waitUntil: 'domcontentloaded', timeout: 60_000, }); await expect(page.locator('#app')).toBeVisible({ timeout: 60_000 }); await expect( page.getByText('请返回微信小程序完成登录') ).not.toBeVisible({ timeout: 90_000 }); await expect( page.getByText(/请选择您的登录身份|欢迎回来|进入工作台/) ).toBeVisible({ timeout: 90_000 }); }); test('已登录后 URL 中异主 unionid 应被剥离(不串号)', async ({ page }) => { const q = new URLSearchParams({ unionid: moicenUnionid!, status: '2', }); await page.goto(`/?${q.toString()}`, { waitUntil: 'domcontentloaded', timeout: 60_000, }); await expect( page.getByText(/请选择您的登录身份|欢迎回来|进入工作台/) ).toBeVisible({ timeout: 90_000 }); const poisonUnionid = 'e2eStrangerUnionidNotCurrentUser001'; const pathBefore = new URL(page.url()).pathname || '/'; await page.goto( `${pathBefore}?unionid=${encodeURIComponent(poisonUnionid)}&status=2`, { waitUntil: 'domcontentloaded', timeout: 60_000 } ); await page.waitForURL( (u) => !u.toString().includes(poisonUnionid), { timeout: 45_000 } ); expect(page.url()).not.toContain(poisonUnionid); await expect( page.getByText('请返回微信小程序完成登录') ).not.toBeVisible(); }); test('多角色时选身份后应进入已登录态(避免与单一文案耦合)', async ({ page, }) => { const q = new URLSearchParams({ unionid: moicenUnionid!, status: '2', }); await page.goto(`/?${q.toString()}`, { waitUntil: 'domcontentloaded', timeout: 60_000, }); if (await page.getByText('请选择您的登录身份').isVisible().catch(() => false)) { await page.locator('.van-grid-item').first().click(); } await expect( page.getByText(/欢迎回来|进入工作台|请选择您的登录身份/) ).toBeVisible({ timeout: 120_000 }); await expect( page.getByText('请返回微信小程序完成登录') ).not.toBeVisible({ timeout: 120_000 }); }); });