← All tests

R1.1 — Cashier tab + PIN identities LOCAL

2026-04-21. First cycle of R1 (NIX-OS-67, Phase 3 POS): PBKDF2 PIN hashing, commerce.pin_identities DAO, cashier CRUD server actions, and a new Cashier tab on the Team page. This page captures local Gate 1 artifacts before prod deploy.

5/5 local Gate 1 checks passed. Verified: PBKDF2 hash/verify unit tests (12 assertions), commerce.pin_identities schema shape, DAO round-trip against local Postgres (create → verify → deactivate → reset → old-fails/new-succeeds), and SSR smoke on /cafe/team (307 unauthed, not 500).
Gate 2 (prod) will cover the "use server" click-through. Local doesn't run Commerce SSO, so the action wrapper (auth gate + revalidatePath) is exercised on prod after deploy — lesson learned from M3's ShopSelector CSRF bug.

01Schema — commerce.pin_identities✓ shape matches spec §6.2

Loading…
Open raw dump

02DAO round-trip — PBKDF2 + list/create/deactivate/reset✓ 9/9 assertions

Loading…
Open raw log

03HTTP smoke — /cafe/team unauthed✓ 307 redirect (no 500)

Unauthenticated /cafe/team redirect
Team page redirect
Hitting /cafe/team without a nix_session cookie lands on the Cafe login bridge, which auto-redirects to Commerce SSO at localhost:5175. Confirms the new dynamic = "force-dynamic" export didn't break middleware routing.

04What Gate 2 will exercise on prod

  1. Sign in as owner on get-coffee.nixtech.app, navigate to /cafe/team.
  2. Click Cashiers tab → click Add cashier.
  3. Submit name + shop → PIN reveal modal shows a 4-digit PIN once.
  4. Close modal → cashier appears in the table as Active.
  5. Click Reset PIN → new PIN revealed, old hash replaced in DB.
  6. Click Deactivate → row flips to Inactive, verify row survives (soft-delete).
  7. Re-run test-phase1-prod.mjs → 11/11 regression green.