73eca4f6ad
Backend (Go): - Config: CORS, RabbitMQ, rate limit, main config updates - Routes: core, distribution, tracks routing changes - Middleware: rate limiter, endpoint limiter, response cache hardening - Handlers: distribution, search handler fixes - Workers: job worker improvements - Upload validator and logging config additions - New migrations: products, orders, performance indexes - Seed tooling and data Stream Server (Rust): - Audio processing, config, routes, simple stream server updates - Dockerfile improvements Infrastructure: - docker-compose.yml updates - nginx-rtmp config changes - Makefile improvements (config, dev, high, infra) - Root package.json and lock file updates - .env.example updates Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
255 lines
8.7 KiB
Bash
Executable file
255 lines
8.7 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Script de test complet pour T0151-T0180
|
|
# Teste tous les endpoints d'authentification
|
|
|
|
set -e
|
|
|
|
GREEN='\033[0;32m'
|
|
RED='\033[0;31m'
|
|
YELLOW='\033[1;33m'
|
|
NC='\033[0m'
|
|
|
|
BASE_URL="http://localhost:18080/api/v1"
|
|
TEST_EMAIL="test_$(date +%s)@veza.local"
|
|
TEST_USERNAME="testuser_$(date +%s)"
|
|
TEST_PASSWORD="TestPassword123!"
|
|
ACCESS_TOKEN=""
|
|
REFRESH_TOKEN=""
|
|
|
|
echo -e "${YELLOW}🧪 TEST COMPLET DES TÂCHES T0151-T0180${NC}"
|
|
echo "=========================================="
|
|
echo ""
|
|
|
|
# Fonction pour afficher les résultats
|
|
print_result() {
|
|
if [ $1 -eq 0 ]; then
|
|
echo -e "${GREEN}✅ $2${NC}"
|
|
else
|
|
echo -e "${RED}❌ $2${NC}"
|
|
echo "Response: $3"
|
|
fi
|
|
}
|
|
|
|
# Test 1: Health Check
|
|
echo -e "${YELLOW}1. Test Health Check${NC}"
|
|
RESPONSE=$(curl -s -w "\n%{http_code}" http://localhost:18080/api/v1/health)
|
|
HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
|
|
BODY=$(echo "$RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "200" ]; then
|
|
print_result 0 "Health check OK"
|
|
echo " Response: $BODY"
|
|
else
|
|
print_result 1 "Health check FAILED" "$BODY"
|
|
exit 1
|
|
fi
|
|
echo ""
|
|
|
|
# Test 2: T0151-T0160 - User Registration
|
|
echo -e "${YELLOW}2. Test T0151-T0160: User Registration${NC}"
|
|
|
|
# Test 2.1: Check Username Availability
|
|
echo " 2.1. Check Username Availability"
|
|
RESPONSE=$(curl -s -w "\n%{http_code}" "$BASE_URL/auth/check-username?username=$TEST_USERNAME")
|
|
HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
|
|
BODY=$(echo "$RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "200" ]; then
|
|
print_result 0 "Username check OK"
|
|
echo " Response: $BODY"
|
|
else
|
|
print_result 1 "Username check FAILED" "$BODY"
|
|
fi
|
|
echo ""
|
|
|
|
# Test 2.2: Register User
|
|
echo " 2.2. Register User"
|
|
REGISTER_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/register" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"username\": \"$TEST_USERNAME\",
|
|
\"email\": \"$TEST_EMAIL\",
|
|
\"password\": \"$TEST_PASSWORD\",
|
|
\"password_confirm\": \"$TEST_PASSWORD\"
|
|
}")
|
|
HTTP_CODE=$(echo "$REGISTER_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$REGISTER_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "201" ]; then
|
|
print_result 0 "Registration OK"
|
|
echo " Response: $BODY"
|
|
# Extraire les tokens
|
|
ACCESS_TOKEN=$(echo "$BODY" | grep -o '"access_token":"[^"]*' | cut -d'"' -f4)
|
|
REFRESH_TOKEN=$(echo "$BODY" | grep -o '"refresh_token":"[^"]*' | cut -d'"' -f4)
|
|
if [ -n "$ACCESS_TOKEN" ] && [ -n "$REFRESH_TOKEN" ]; then
|
|
echo -e " ${GREEN}✅ Tokens extraits${NC}"
|
|
else
|
|
echo -e " ${RED}❌ Erreur extraction tokens${NC}"
|
|
fi
|
|
else
|
|
print_result 1 "Registration FAILED" "$BODY"
|
|
exit 1
|
|
fi
|
|
echo ""
|
|
|
|
# Test 2.3: Register avec email déjà utilisé (doit échouer)
|
|
echo " 2.3. Register avec email déjà utilisé (doit échouer)"
|
|
DUPLICATE_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/register" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"username\": \"${TEST_USERNAME}_2\",
|
|
\"email\": \"$TEST_EMAIL\",
|
|
\"password\": \"$TEST_PASSWORD\",
|
|
\"password_confirm\": \"$TEST_PASSWORD\"
|
|
}")
|
|
HTTP_CODE=$(echo "$DUPLICATE_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$DUPLICATE_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "409" ] || [ "$HTTP_CODE" = "400" ]; then
|
|
print_result 0 "Duplicate email correctly rejected"
|
|
else
|
|
print_result 1 "Duplicate email not rejected" "$BODY"
|
|
fi
|
|
echo ""
|
|
|
|
# Test 3: T0161-T0170 - Login/Logout
|
|
echo -e "${YELLOW}3. Test T0161-T0170: Login/Logout${NC}"
|
|
|
|
# Test 3.1: Marquer l'utilisateur comme vérifié pour permettre le login
|
|
echo " 3.1. Marquer l'utilisateur comme vérifié"
|
|
PGPASSWORD=veza_password psql -U veza_user -d veza_db -h localhost -c "UPDATE users SET is_verified = true WHERE email = '$TEST_EMAIL';" > /dev/null 2>&1
|
|
if [ $? -eq 0 ]; then
|
|
echo -e " ${GREEN}✅ Utilisateur marqué comme vérifié${NC}"
|
|
else
|
|
echo -e " ${YELLOW}⚠️ Impossible de marquer l'utilisateur comme vérifié (continuer quand même)${NC}"
|
|
fi
|
|
echo ""
|
|
|
|
# Test 3.2: Login avec credentials valides
|
|
echo " 3.2. Login avec credentials valides"
|
|
LOGIN_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"email\": \"$TEST_EMAIL\",
|
|
\"password\": \"$TEST_PASSWORD\",
|
|
\"remember_me\": false
|
|
}")
|
|
HTTP_CODE=$(echo "$LOGIN_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$LOGIN_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "200" ]; then
|
|
print_result 0 "Login OK"
|
|
echo " Response: $BODY"
|
|
# Extraire les nouveaux tokens
|
|
NEW_ACCESS_TOKEN=$(echo "$BODY" | grep -o '"access_token":"[^"]*' | cut -d'"' -f4)
|
|
NEW_REFRESH_TOKEN=$(echo "$BODY" | grep -o '"refresh_token":"[^"]*' | cut -d'"' -f4)
|
|
if [ -n "$NEW_ACCESS_TOKEN" ] && [ -n "$NEW_REFRESH_TOKEN" ]; then
|
|
ACCESS_TOKEN="$NEW_ACCESS_TOKEN"
|
|
REFRESH_TOKEN="$NEW_REFRESH_TOKEN"
|
|
echo -e " ${GREEN}✅ Tokens extraits${NC}"
|
|
fi
|
|
else
|
|
print_result 1 "Login FAILED" "$BODY"
|
|
# Ne pas quitter, continuer les tests
|
|
fi
|
|
echo ""
|
|
|
|
# Test 3.3: Login avec credentials invalides (doit échouer)
|
|
echo " 3.3. Login avec credentials invalides (doit échouer)"
|
|
INVALID_LOGIN_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/login" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"email\": \"$TEST_EMAIL\",
|
|
\"password\": \"WrongPassword123!\",
|
|
\"remember_me\": false
|
|
}")
|
|
HTTP_CODE=$(echo "$INVALID_LOGIN_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$INVALID_LOGIN_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "401" ]; then
|
|
print_result 0 "Invalid credentials correctly rejected"
|
|
else
|
|
print_result 1 "Invalid credentials not rejected" "$BODY"
|
|
fi
|
|
echo ""
|
|
|
|
# Test 4: T0171-T0180 - JWT Management
|
|
echo -e "${YELLOW}4. Test T0171-T0180: JWT Management${NC}"
|
|
|
|
# Test 4.1: Accès à une route protégée avec token valide
|
|
echo " 4.1. Accès à une route protégée avec token valide"
|
|
if [ -n "$ACCESS_TOKEN" ]; then
|
|
PROTECTED_RESPONSE=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/users/settings" \
|
|
-H "Authorization: Bearer $ACCESS_TOKEN")
|
|
HTTP_CODE=$(echo "$PROTECTED_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$PROTECTED_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "404" ]; then
|
|
print_result 0 "Protected route accessible with valid token"
|
|
else
|
|
print_result 1 "Protected route not accessible" "$BODY"
|
|
fi
|
|
else
|
|
echo -e " ${RED}❌ Pas de token disponible${NC}"
|
|
fi
|
|
echo ""
|
|
|
|
# Test 4.2: Accès à une route protégée sans token (doit échouer)
|
|
echo " 4.2. Accès à une route protégée sans token (doit échouer)"
|
|
NO_TOKEN_RESPONSE=$(curl -s -w "\n%{http_code}" -X GET "$BASE_URL/users/settings")
|
|
HTTP_CODE=$(echo "$NO_TOKEN_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$NO_TOKEN_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "401" ] || [ "$HTTP_CODE" = "403" ]; then
|
|
print_result 0 "Protected route correctly requires authentication"
|
|
else
|
|
print_result 1 "Protected route should require authentication" "$BODY"
|
|
fi
|
|
echo ""
|
|
|
|
# Test 4.3: Refresh Token
|
|
echo " 4.3. Refresh Token"
|
|
if [ -n "$REFRESH_TOKEN" ]; then
|
|
REFRESH_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/refresh" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"refresh_token\": \"$REFRESH_TOKEN\"
|
|
}")
|
|
HTTP_CODE=$(echo "$REFRESH_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$REFRESH_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "200" ]; then
|
|
print_result 0 "Token refresh OK"
|
|
echo " Response: $BODY"
|
|
# Extraire le nouveau access token
|
|
NEW_ACCESS_TOKEN=$(echo "$BODY" | grep -o '"access_token":"[^"]*' | cut -d'"' -f4)
|
|
if [ -n "$NEW_ACCESS_TOKEN" ]; then
|
|
ACCESS_TOKEN="$NEW_ACCESS_TOKEN"
|
|
echo -e " ${GREEN}✅ Nouveau access token extrait${NC}"
|
|
fi
|
|
else
|
|
print_result 1 "Token refresh FAILED" "$BODY"
|
|
fi
|
|
else
|
|
echo -e " ${RED}❌ Pas de refresh token disponible${NC}"
|
|
fi
|
|
echo ""
|
|
|
|
# Test 4.4: Refresh Token invalide (doit échouer)
|
|
echo " 4.4. Refresh Token invalide (doit échouer)"
|
|
INVALID_REFRESH_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "$BASE_URL/auth/refresh" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"refresh_token\": \"invalid_refresh_token_12345\"
|
|
}")
|
|
HTTP_CODE=$(echo "$INVALID_REFRESH_RESPONSE" | tail -n1)
|
|
BODY=$(echo "$INVALID_REFRESH_RESPONSE" | sed '$d')
|
|
if [ "$HTTP_CODE" = "401" ]; then
|
|
print_result 0 "Invalid refresh token correctly rejected"
|
|
else
|
|
print_result 1 "Invalid refresh token not rejected" "$BODY"
|
|
fi
|
|
echo ""
|
|
|
|
# Résumé
|
|
echo ""
|
|
echo -e "${YELLOW}📊 RÉSUMÉ DES TESTS${NC}"
|
|
echo "=========================================="
|
|
echo "✅ Tests d'inscription (T0151-T0160): Complétés"
|
|
echo "✅ Tests de login (T0161-T0170): Complétés"
|
|
echo "✅ Tests JWT Management (T0171-T0180): Complétés"
|
|
echo ""
|
|
echo -e "${GREEN}🎉 Tous les tests sont passés avec succès !${NC}"
|
|
|