Update project configuration and documentation for Reference Board Viewer. Add .direnv support for environment management, enhance README with quick start instructions, and update flake.nix with additional dependencies including pydantic-settings and bcrypt. Introduce quick-start.sh and test-auth.sh scripts for streamlined setup and authentication testing. Remove obsolete planning and task documents to clean up the repository.

2025-11-01 23:55:07 -06:00
parent a95a4c091a
commit 011204188d
13 changed files with 329 additions and 3104 deletions
--- a/scripts/quick-start.sh
+++ b/scripts/quick-start.sh
@@ -0,0 +1,144 @@
+#!/usr/bin/env bash
+# Quick Start Script for Reference Board Viewer
+# This script sets up and runs the authentication system for testing
+
+set -e
+
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+RED='\033[0;31m'
+NC='\033[0m'
+
+echo "========================================="
+echo "Reference Board Viewer - Quick Start"
+echo "========================================="
+echo ""
+
+# Check if we're in the right directory
+if [ ! -f "flake.nix" ]; then
+    echo -e "${RED}Error: Please run this script from the project root${NC}"
+    exit 1
+fi
+
+# Step 1: Create backend .env if it doesn't exist
+echo -e "${YELLOW}Step 1: Setting up backend environment...${NC}"
+if [ ! -f "backend/.env" ]; then
+    echo "Creating backend/.env..."
+    cat > backend/.env << 'EOF'
+# Database
+DATABASE_URL=postgresql://localhost/webref
+
+# JWT Authentication
+SECRET_KEY=test-secret-key-change-in-production-$(openssl rand -hex 16)
+ALGORITHM=HS256
+ACCESS_TOKEN_EXPIRE_MINUTES=30
+
+# MinIO Storage (for later phases)
+MINIO_ENDPOINT=localhost:9000
+MINIO_ACCESS_KEY=minioadmin
+MINIO_SECRET_KEY=minioadmin
+MINIO_BUCKET=webref
+MINIO_SECURE=false
+
+# CORS
+CORS_ORIGINS=http://localhost:5173,http://localhost:3000
+
+# Application
+DEBUG=true
+APP_NAME=Reference Board Viewer
+APP_VERSION=1.0.0
+API_V1_PREFIX=/api/v1
+
+# Logging
+LOG_LEVEL=INFO
+EOF
+    echo -e "${GREEN}✓ Created backend/.env${NC}"
+else
+    echo -e "${GREEN}✓ backend/.env already exists${NC}"
+fi
+echo ""
+
+# Step 2: Create frontend .env if it doesn't exist
+echo -e "${YELLOW}Step 2: Setting up frontend environment...${NC}"
+if [ ! -f "frontend/.env" ]; then
+    echo "Creating frontend/.env..."
+    cat > frontend/.env << 'EOF'
+VITE_API_URL=http://localhost:8000/api/v1
+EOF
+    echo -e "${GREEN}✓ Created frontend/.env${NC}"
+else
+    echo -e "${GREEN}✓ frontend/.env already exists${NC}"
+fi
+echo ""
+
+# Step 3: Check PostgreSQL
+echo -e "${YELLOW}Step 3: Checking PostgreSQL...${NC}"
+if ! command -v psql &> /dev/null; then
+    echo -e "${RED}✗ PostgreSQL not found. Please install PostgreSQL.${NC}"
+    exit 1
+fi
+
+# Check if database exists
+if psql -lqt | cut -d \| -f 1 | grep -qw webref; then
+    echo -e "${GREEN}✓ Database 'webref' exists${NC}"
+else
+    echo "Creating database 'webref'..."
+    createdb webref || {
+        echo -e "${RED}✗ Failed to create database. Make sure PostgreSQL is running.${NC}"
+        echo "Try: sudo systemctl start postgresql"
+        exit 1
+    }
+    echo -e "${GREEN}✓ Created database 'webref'${NC}"
+fi
+echo ""
+
+# Step 4: Run migrations
+echo -e "${YELLOW}Step 4: Running database migrations...${NC}"
+echo "This requires the Nix development environment..."
+if command -v nix &> /dev/null; then
+    nix develop -c bash -c "cd backend && alembic upgrade head" || {
+        echo -e "${RED}✗ Migration failed${NC}"
+        echo "You may need to run manually:"
+        echo "  nix develop"
+        echo "  cd backend"
+        echo "  alembic upgrade head"
+        exit 1
+    }
+    echo -e "${GREEN}✓ Migrations complete${NC}"
+else
+    echo -e "${YELLOW}⚠ Nix not found. Please run migrations manually:${NC}"
+    echo "  nix develop"
+    echo "  cd backend"
+    echo "  alembic upgrade head"
+fi
+echo ""
+
+echo "========================================="
+echo -e "${GREEN}Setup Complete!${NC}"
+echo "========================================="
+echo ""
+echo "Next steps:"
+echo ""
+echo "1. Start the backend server (in one terminal):"
+echo "   $ nix develop"
+echo "   $ cd backend"
+echo "   $ uvicorn app.main:app --reload"
+echo ""
+echo "2. Start the frontend server (in another terminal):"
+echo "   $ cd frontend"
+echo "   $ npm install  # if not done already"
+echo "   $ npm run dev"
+echo ""
+echo "3. Test the API:"
+echo "   $ ./test-auth.sh"
+echo ""
+echo "4. Open browser:"
+echo "   Backend API docs: http://localhost:8000/docs"
+echo "   Frontend app:     http://localhost:5173"
+echo ""
+echo "5. Try registration:"
+echo "   - Navigate to http://localhost:5173/register"
+echo "   - Create an account"
+echo "   - Login and explore!"
+echo ""
+
--- a/scripts/test-auth.sh
+++ b/scripts/test-auth.sh
@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+# Authentication Testing Script
+# Run this after starting the backend server
+
+set -e
+
+API_BASE="http://localhost:8000"
+API_V1="${API_BASE}/api/v1"
+
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+echo "========================================="
+echo "Testing Reference Board Viewer Auth API"
+echo "========================================="
+echo ""
+
+# Test 1: Health Check
+echo -e "${YELLOW}Test 1: Health Check${NC}"
+response=$(curl -s "${API_BASE}/health")
+if echo "$response" | grep -q "healthy"; then
+    echo -e "${GREEN}✓ Health check passed${NC}"
+else
+    echo -e "${RED}✗ Health check failed${NC}"
+    echo "Response: $response"
+    exit 1
+fi
+echo ""
+
+# Test 2: Register User
+echo -e "${YELLOW}Test 2: Register New User${NC}"
+email="test_$(date +%s)@example.com"
+password="TestPass123"
+
+register_response=$(curl -s -X POST "${API_V1}/auth/register" \
+    -H "Content-Type: application/json" \
+    -d "{\"email\":\"${email}\",\"password\":\"${password}\"}")
+
+if echo "$register_response" | grep -q "id"; then
+    echo -e "${GREEN}✓ User registration successful${NC}"
+    echo "Email: $email"
+else
+    echo -e "${RED}✗ User registration failed${NC}"
+    echo "Response: $register_response"
+    exit 1
+fi
+echo ""
+
+# Test 3: Login User
+echo -e "${YELLOW}Test 3: Login User${NC}"
+login_response=$(curl -s -X POST "${API_V1}/auth/login" \
+    -H "Content-Type: application/json" \
+    -d "{\"email\":\"${email}\",\"password\":\"${password}\"}")
+
+if echo "$login_response" | grep -q "access_token"; then
+    echo -e "${GREEN}✓ Login successful${NC}"
+    token=$(echo "$login_response" | grep -o '"access_token":"[^"]*"' | cut -d'"' -f4)
+    echo "Token: ${token:0:20}..."
+else
+    echo -e "${RED}✗ Login failed${NC}"
+    echo "Response: $login_response"
+    exit 1
+fi
+echo ""
+
+# Test 4: Get Current User (Protected)
+echo -e "${YELLOW}Test 4: Get Current User (Protected Endpoint)${NC}"
+me_response=$(curl -s "${API_V1}/auth/me" \
+    -H "Authorization: Bearer ${token}")
+
+if echo "$me_response" | grep -q "$email"; then
+    echo -e "${GREEN}✓ Protected endpoint works${NC}"
+else
+    echo -e "${RED}✗ Protected endpoint failed${NC}"
+    echo "Response: $me_response"
+    exit 1
+fi
+echo ""
+
+# Test 5: Invalid Token
+echo -e "${YELLOW}Test 5: Test Invalid Token${NC}"
+invalid_response=$(curl -s "${API_V1}/auth/me" \
+    -H "Authorization: Bearer invalid-token-here")
+
+if echo "$invalid_response" | grep -q "Invalid\|Unauthorized"; then
+    echo -e "${GREEN}✓ Invalid token correctly rejected${NC}"
+else
+    echo -e "${RED}✗ Invalid token not rejected properly${NC}"
+    echo "Response: $invalid_response"
+fi
+echo ""
+
+# Test 6: Duplicate Registration
+echo -e "${YELLOW}Test 6: Test Duplicate Registration${NC}"
+duplicate_response=$(curl -s -X POST "${API_V1}/auth/register" \
+    -H "Content-Type: application/json" \
+    -d "{\"email\":\"${email}\",\"password\":\"${password}\"}")
+
+if echo "$duplicate_response" | grep -q "already registered\|Conflict\|409"; then
+    echo -e "${GREEN}✓ Duplicate registration correctly rejected${NC}"
+else
+    echo -e "${RED}✗ Duplicate registration should be rejected${NC}"
+    echo "Response: $duplicate_response"
+fi
+echo ""
+
+# Test 7: Weak Password
+echo -e "${YELLOW}Test 7: Test Weak Password${NC}"
+weak_response=$(curl -s -X POST "${API_V1}/auth/register" \
+    -H "Content-Type: application/json" \
+    -d "{\"email\":\"weak_$(date +%s)@example.com\",\"password\":\"weak\"}")
+
+if echo "$weak_response" | grep -q "Password\|validation\|400"; then
+    echo -e "${GREEN}✓ Weak password correctly rejected${NC}"
+else
+    echo -e "${RED}✗ Weak password should be rejected${NC}"
+    echo "Response: $weak_response"
+fi
+echo ""
+
+# Test 8: Wrong Password
+echo -e "${YELLOW}Test 8: Test Wrong Password${NC}"
+wrong_pass_response=$(curl -s -X POST "${API_V1}/auth/login" \
+    -H "Content-Type: application/json" \
+    -d "{\"email\":\"${email}\",\"password\":\"WrongPass123\"}")
+
+if echo "$wrong_pass_response" | grep -q "Incorrect\|Unauthorized\|401"; then
+    echo -e "${GREEN}✓ Wrong password correctly rejected${NC}"
+else
+    echo -e "${RED}✗ Wrong password should be rejected${NC}"
+    echo "Response: $wrong_pass_response"
+fi
+echo ""
+
+echo "========================================="
+echo -e "${GREEN}All authentication tests passed!${NC}"
+echo "========================================="
+echo ""
+echo "Test user created:"
+echo "  Email: $email"
+echo "  Password: $password"
+echo "  Token: ${token:0:30}..."
+