Problem
All three existing tests cover only CORS headers. The core proxy behaviour — request forwarding to upstream, authentication token validation, and error responses — has no test coverage.
Why now
Any change to index.js request-handling logic can silently break auth or forwarding with no CI signal.
Acceptance criteria
- Test: valid auth token results in proxied request to upstream
- Test: missing or invalid auth token returns HTTP 401
- Test: upstream timeout or error returns HTTP 502
- Test: malformed JSON body returns HTTP 400
- All new tests pass in npm test
Target files
Suggested validation
npm test passes with all new casesEach test asserts a specific status code and response body
Created by autobot — risk: low
Problem
All three existing tests cover only CORS headers. The core proxy behaviour — request forwarding to upstream, authentication token validation, and error responses — has no test coverage.
Why now
Any change to index.js request-handling logic can silently break auth or forwarding with no CI signal.
Acceptance criteria
Target files
index.test.jsindex.jsSuggested validation
npm test passes with all new casesEach test asserts a specific status code and response bodyCreated by autobot — risk: low