Update project configuration and documentation for Reference Board Viewer. Add .direnv support for environment management, enhance README with quick start instructions, and update flake.nix with additional dependencies including pydantic-settings and bcrypt. Introduce quick-start.sh and test-auth.sh scripts for streamlined setup and authentication testing. Remove obsolete planning and task documents to clean up the repository.
145
scripts/test-auth.sh
Executable file
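--- a/scripts/test-auth.sh
+++ b/scripts/test-auth.sh
@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+# Authentication Testing Script
+# Run this after starting the backend server
+
+set -e
+
+API_BASE="http://localhost:8000"
+API_V1="${API_BASE}/api/v1"
+
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+echo "========================================="
+echo "Testing Reference Board Viewer Auth API"
+echo "========================================="
+echo ""
+
+# Test 1: Health Check
+echo -e "${YELLOW}Test 1: Health Check${NC}"
+response=$(curl -s "${API_BASE}/health")
+if echo "$response" | grep -q "healthy"; then
+echo -e "${GREEN}✓ Health check passed${NC}"
+else
+echo -e "${RED}✗ Health check failed${NC}"
+echo "Response: $response"
+exit 1
+fi
+echo ""
+
+# Test 2: Register User
+echo -e "${YELLOW}Test 2: Register New User${NC}"
+email="test_$(date +%s)@example.com"
+password="TestPass123"
+
+register_response=$(curl -s -X POST "${API_V1}/auth/register" \
+-H "Content-Type: application/json" \
+-d "{\"email\":\"${email}\",\"password\":\"${password}\"}")
+
+if echo "$register_response" | grep -q "id"; then
+echo -e "${GREEN}✓ User registration successful${NC}"
+echo "Email: $email"
+else
+echo -e "${RED}✗ User registration failed${NC}"
+echo "Response: $register_response"
+exit 1
+fi
+echo ""
+
+# Test 3: Login User
+echo -e "${YELLOW}Test 3: Login User${NC}"
+login_response=$(curl -s -X POST "${API_V1}/auth/login" \
+-H "Content-Type: application/json" \
+-d "{\"email\":\"${email}\",\"password\":\"${password}\"}")
+
+if echo "$login_response" | grep -q "access_token"; then
+echo -e "${GREEN}✓ Login successful${NC}"
+token=$(echo "$login_response" | grep -o '"access_token":"[^"]*"' | cut -d'"' -f4)
+echo "Token: ${token:0:20}..."
+else
+echo -e "${RED}✗ Login failed${NC}"
+echo "Response: $login_response"
+exit 1
+fi
+echo ""
+
+# Test 4: Get Current User (Protected)
+echo -e "${YELLOW}Test 4: Get Current User (Protected Endpoint)${NC}"
+me_response=$(curl -s "${API_V1}/auth/me" \
+-H "Authorization: Bearer ${token}")
+
+if echo "$me_response" | grep -q "$email"; then
+echo -e "${GREEN}✓ Protected endpoint works${NC}"
+else
+echo -e "${RED}✗ Protected endpoint failed${NC}"
+echo "Response: $me_response"
+exit 1
+fi
+echo ""
+
+# Test 5: Invalid Token
+echo -e "${YELLOW}Test 5: Test Invalid Token${NC}"
+invalid_response=$(curl -s "${API_V1}/auth/me" \
+-H "Authorization: Bearer invalid-token-here")
+
+if echo "$invalid_response" | grep -q "Invalid\|Unauthorized"; then
+echo -e "${GREEN}✓ Invalid token correctly rejected${NC}"
+else
+echo -e "${RED}✗ Invalid token not rejected properly${NC}"
+echo "Response: $invalid_response"
+fi
+echo ""
+
+# Test 6: Duplicate Registration
+echo -e "${YELLOW}Test 6: Test Duplicate Registration${NC}"
+duplicate_response=$(curl -s -X POST "${API_V1}/auth/register" \
+-H "Content-Type: application/json" \
+-d "{\"email\":\"${email}\",\"password\":\"${password}\"}")
+
+if echo "$duplicate_response" | grep -q "already registered\|Conflict\|409"; then
+echo -e "${GREEN}✓ Duplicate registration correctly rejected${NC}"
+else
+echo -e "${RED}✗ Duplicate registration should be rejected${NC}"
+echo "Response: $duplicate_response"
+fi
+echo ""
+
+# Test 7: Weak Password
+echo -e "${YELLOW}Test 7: Test Weak Password${NC}"
+weak_response=$(curl -s -X POST "${API_V1}/auth/register" \
+-H "Content-Type: application/json" \
+-d "{\"email\":\"weak_$(date +%s)@example.com\",\"password\":\"weak\"}")
+
+if echo "$weak_response" | grep -q "Password\|validation\|400"; then
+echo -e "${GREEN}✓ Weak password correctly rejected${NC}"
+else
+echo -e "${RED}✗ Weak password should be rejected${NC}"
+echo "Response: $weak_response"
+fi
+echo ""
+
+# Test 8: Wrong Password
+echo -e "${YELLOW}Test 8: Test Wrong Password${NC}"
+wrong_pass_response=$(curl -s -X POST "${API_V1}/auth/login" \
+-H "Content-Type: application/json" \
+-d "{\"email\":\"${email}\",\"password\":\"WrongPass123\"}")
+
+if echo "$wrong_pass_response" | grep -q "Incorrect\|Unauthorized\|401"; then
+echo -e "${GREEN}✓ Wrong password correctly rejected${NC}"
+else
+echo -e "${RED}✗ Wrong password should be rejected${NC}"
+echo "Response: $wrong_pass_response"
+fi
+echo ""
+
+echo "========================================="
+echo -e "${GREEN}All authentication tests passed!${NC}"
+echo "========================================="
+echo ""
+echo "Test user created:"
+echo " Email: $email"
+echo " Password: $password"
+echo " Token: ${token:0:30}..."
+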
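Review bot: Tests 5 through 8 (invalid token, duplicate registration, weak password, wrong password) only print a red line in their `else` branch and never `exit 1`, so a backend that accepts a bad token or a wrong password still ends with "All authentication tests passed!". Add `exit 1` after each `echo "Response: …"` in those four branches, as Tests 1–4 already do. The checks also match substrings of the response body rather than the status code: `grep -q "id"` in Test 2 is satisfied by an error body containing "Invalid" or "validation", and `grep -q "Password\|validation\|400"` in Test 7 could match a success body that mentions a password field. Capturing the status with `curl -s -o /dev/null -w '%{http_code}'` and comparing it to the expected code would make the rejection tests fail closed; the exact codes the API returns are not visible on this page, so confirm them against the backend.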