feat: Implement email/password and X OAuth authentication, replacing the dev-login mechanism.

test/validation.test.js

@@ -5,7 +5,8 @@ const assert = require("node:assert/strict");
 const {
   XWebhookPayloadSchema,
   PolarWebhookPayloadSchema,
-  LoginFormSchema,
+  EmailSignInFormSchema,
+  EmailSignUpFormSchema,
   TopUpFormSchema,
   SimulateMentionFormSchema,
   parseOrThrow,
@@ -31,13 +32,24 @@ test("validates Polar webhook payload with numeric coercion", () => {
   assert.equal(parsed.credits, 12);
 });
 
-test("rejects invalid login username", () => {
+test("rejects invalid email sign-in payload", () => {
   assert.throws(
-    () => parseOrThrow(LoginFormSchema, { userId: "!" }),
-    /Username must be 2-40 characters using letters, numbers, _ or -/,
+    () => parseOrThrow(EmailSignInFormSchema, { email: "not-an-email", password: "12345678" }),
+    /Enter a valid email address/,
   );
 });
 
+test("validates email sign-up payload", () => {
+  const parsed = parseOrThrow(EmailSignUpFormSchema, {
+    name: "Alice",
+    email: "alice@example.com",
+    password: "password123",
+  });
+
+  assert.equal(parsed.name, "Alice");
+  assert.equal(parsed.email, "alice@example.com");
+});
+
 test("validates topup amount range", () => {
   assert.throws(() => parseOrThrow(TopUpFormSchema, { amount: "999" }), /Too big/);