refactor: move all tests to backend/tests/ as black-box packages

All test files relocated from internal/X/ to tests/X/ and converted to package X_test, using only the public API of each package. - tests/auth/: jwt, service, handler integration tests - tests/middleware/: auth, request_id, recovery tests - tests/user/: calories, service, repository integration tests - tests/locale/: locale tests (already package locale_test, just moved) - tests/ingredient/: repository integration tests - tests/recipe/: repository integration tests mockUserRepo in tests/user/service_test.go redefined locally with fully-qualified user.* types. Unexported auth.refreshRequest replaced with a local testRefreshRequest struct in the integration test. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-15 18:57:19 +02:00
parent 0ce111fa08
commit 33a5297c3a
12 changed files with 346 additions and 325 deletions
--- a/backend/tests/auth/jwt_test.go
+++ b/backend/tests/auth/jwt_test.go
@@ -0,0 +1,88 @@
+package auth_test
+
+import (
+	"testing"
+	"time"
+
+	"github.com/food-ai/backend/internal/auth"
+)
+
+func TestGenerateAccessToken(t *testing.T) {
+	jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
+
+	token, tokenError := jm.GenerateAccessToken("user-123", "free")
+	if tokenError != nil {
+		t.Fatalf("unexpected error: %v", tokenError)
+	}
+	if token == "" {
+		t.Fatal("expected non-empty token")
+	}
+}
+
+func TestValidateAccessToken_Valid(t *testing.T) {
+	jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
+
+	token, _ := jm.GenerateAccessToken("user-123", "free")
+	claims, validateError := jm.ValidateAccessToken(token)
+	if validateError != nil {
+		t.Fatalf("unexpected error: %v", validateError)
+	}
+	if claims.UserID != "user-123" {
+		t.Errorf("expected user_id 'user-123', got %q", claims.UserID)
+	}
+	if claims.Plan != "free" {
+		t.Errorf("expected plan 'free', got %q", claims.Plan)
+	}
+}
+
+func TestValidateAccessToken_Expired(t *testing.T) {
+	jm := auth.NewJWTManager("test-secret", -1*time.Second, 720*time.Hour)
+
+	token, _ := jm.GenerateAccessToken("user-123", "free")
+	_, validateError := jm.ValidateAccessToken(token)
+	if validateError == nil {
+		t.Fatal("expected error for expired token")
+	}
+}
+
+func TestValidateAccessToken_WrongSecret(t *testing.T) {
+	jm1 := auth.NewJWTManager("secret-1", 15*time.Minute, 720*time.Hour)
+	jm2 := auth.NewJWTManager("secret-2", 15*time.Minute, 720*time.Hour)
+
+	token, _ := jm1.GenerateAccessToken("user-123", "free")
+	_, validateError := jm2.ValidateAccessToken(token)
+	if validateError == nil {
+		t.Fatal("expected error for wrong secret")
+	}
+}
+
+func TestValidateAccessToken_InvalidToken(t *testing.T) {
+	jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
+
+	_, validateError := jm.ValidateAccessToken("invalid-token")
+	if validateError == nil {
+		t.Fatal("expected error for invalid token")
+	}
+}
+
+func TestGenerateRefreshToken(t *testing.T) {
+	jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
+
+	token, expiresAt := jm.GenerateRefreshToken()
+	if token == "" {
+		t.Fatal("expected non-empty refresh token")
+	}
+	if expiresAt.Before(time.Now()) {
+		t.Fatal("expected future expiration time")
+	}
+}
+
+func TestGenerateRefreshToken_Unique(t *testing.T) {
+	jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
+
+	token1, _ := jm.GenerateRefreshToken()
+	token2, _ := jm.GenerateRefreshToken()
+	if token1 == token2 {
+		t.Fatal("expected unique refresh tokens")
+	}
+}