24219b611e
Backend (Go): - Project structure with chi router, pgxpool, goose migrations - JWT auth (access/refresh tokens) with Firebase token verification - NoopTokenVerifier for local dev without Firebase credentials - PostgreSQL user repository with atomic profile updates (transactions) - Mifflin-St Jeor calorie calculation based on profile data - REST API: POST /auth/login, /auth/refresh, /auth/logout, GET/PUT /profile, GET /health - Middleware: auth, CORS (localhost wildcard), logging, recovery, request_id - Unit tests (51 passing) and integration tests (testcontainers) - Docker Compose setup with postgres healthcheck and graceful shutdown Flutter client: - Riverpod state management with GoRouter navigation - Firebase Auth (email/password + Google sign-in with web popup support) - Platform-aware API URLs (web/Android/iOS) - Dio HTTP client with JWT auth interceptor and concurrent refresh handling - Secure token storage - Screens: Login, Register, Home (tabs: Menu, Recipes, Products, Profile) - Unit tests (17 passing) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
214 lines
6.3 KiB
Go
214 lines
6.3 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/food-ai/backend/internal/auth/mocks"
|
|
"github.com/food-ai/backend/internal/user"
|
|
umocks "github.com/food-ai/backend/internal/user/mocks"
|
|
)
|
|
|
|
func newTestService(verifier *mocks.MockTokenVerifier, repo *umocks.MockUserRepository) *Service {
|
|
jm := NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
|
|
return NewService(verifier, repo, jm)
|
|
}
|
|
|
|
func TestLogin_Success(t *testing.T) {
|
|
verifier := &mocks.MockTokenVerifier{
|
|
VerifyTokenFn: func(ctx context.Context, idToken string) (string, string, string, string, error) {
|
|
return "fb-uid", "test@example.com", "Test User", "https://avatar.url", nil
|
|
},
|
|
}
|
|
repo := &umocks.MockUserRepository{
|
|
UpsertByFirebaseUIDFn: func(ctx context.Context, uid, email, name, avatarURL string) (*user.User, error) {
|
|
return &user.User{ID: "user-1", Email: email, Name: name, Plan: "free"}, nil
|
|
},
|
|
SetRefreshTokenFn: func(ctx context.Context, id, token string, expiresAt time.Time) error {
|
|
return nil
|
|
},
|
|
}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
resp, err := svc.Login(context.Background(), "firebase-token")
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if resp.AccessToken == "" {
|
|
t.Error("expected non-empty access token")
|
|
}
|
|
if resp.RefreshToken == "" {
|
|
t.Error("expected non-empty refresh token")
|
|
}
|
|
if resp.User.ID != "user-1" {
|
|
t.Errorf("expected user ID 'user-1', got %q", resp.User.ID)
|
|
}
|
|
}
|
|
|
|
func TestLogin_InvalidFirebaseToken(t *testing.T) {
|
|
verifier := &mocks.MockTokenVerifier{
|
|
VerifyTokenFn: func(ctx context.Context, idToken string) (string, string, string, string, error) {
|
|
return "", "", "", "", fmt.Errorf("invalid token")
|
|
},
|
|
}
|
|
repo := &umocks.MockUserRepository{}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
_, err := svc.Login(context.Background(), "bad-token")
|
|
if err == nil {
|
|
t.Fatal("expected error for invalid firebase token")
|
|
}
|
|
}
|
|
|
|
func TestLogin_UpsertError(t *testing.T) {
|
|
verifier := &mocks.MockTokenVerifier{
|
|
VerifyTokenFn: func(ctx context.Context, idToken string) (string, string, string, string, error) {
|
|
return "fb-uid", "test@example.com", "Test", "", nil
|
|
},
|
|
}
|
|
repo := &umocks.MockUserRepository{
|
|
UpsertByFirebaseUIDFn: func(ctx context.Context, uid, email, name, avatarURL string) (*user.User, error) {
|
|
return nil, fmt.Errorf("db error")
|
|
},
|
|
}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
_, err := svc.Login(context.Background(), "token")
|
|
if err == nil {
|
|
t.Fatal("expected error for upsert failure")
|
|
}
|
|
}
|
|
|
|
func TestLogin_SetRefreshTokenError(t *testing.T) {
|
|
verifier := &mocks.MockTokenVerifier{
|
|
VerifyTokenFn: func(ctx context.Context, idToken string) (string, string, string, string, error) {
|
|
return "fb-uid", "test@example.com", "Test", "", nil
|
|
},
|
|
}
|
|
repo := &umocks.MockUserRepository{
|
|
UpsertByFirebaseUIDFn: func(ctx context.Context, uid, email, name, avatarURL string) (*user.User, error) {
|
|
return &user.User{ID: "user-1", Plan: "free"}, nil
|
|
},
|
|
SetRefreshTokenFn: func(ctx context.Context, id, token string, expiresAt time.Time) error {
|
|
return fmt.Errorf("db error")
|
|
},
|
|
}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
_, err := svc.Login(context.Background(), "token")
|
|
if err == nil {
|
|
t.Fatal("expected error for set refresh token failure")
|
|
}
|
|
}
|
|
|
|
func TestRefresh_Success(t *testing.T) {
|
|
repo := &umocks.MockUserRepository{
|
|
FindByRefreshTokenFn: func(ctx context.Context, token string) (*user.User, error) {
|
|
return &user.User{ID: "user-1", Plan: "free"}, nil
|
|
},
|
|
SetRefreshTokenFn: func(ctx context.Context, id, token string, expiresAt time.Time) error {
|
|
return nil
|
|
},
|
|
}
|
|
verifier := &mocks.MockTokenVerifier{}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
resp, err := svc.Refresh(context.Background(), "valid-refresh-token")
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if resp.AccessToken == "" {
|
|
t.Error("expected non-empty access token")
|
|
}
|
|
if resp.RefreshToken == "" {
|
|
t.Error("expected non-empty refresh token")
|
|
}
|
|
}
|
|
|
|
func TestRefresh_InvalidToken(t *testing.T) {
|
|
repo := &umocks.MockUserRepository{
|
|
FindByRefreshTokenFn: func(ctx context.Context, token string) (*user.User, error) {
|
|
return nil, fmt.Errorf("not found")
|
|
},
|
|
}
|
|
verifier := &mocks.MockTokenVerifier{}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
_, err := svc.Refresh(context.Background(), "bad-token")
|
|
if err == nil {
|
|
t.Fatal("expected error for invalid refresh token")
|
|
}
|
|
}
|
|
|
|
func TestRefresh_SetRefreshTokenError(t *testing.T) {
|
|
repo := &umocks.MockUserRepository{
|
|
FindByRefreshTokenFn: func(ctx context.Context, token string) (*user.User, error) {
|
|
return &user.User{ID: "user-1", Plan: "free"}, nil
|
|
},
|
|
SetRefreshTokenFn: func(ctx context.Context, id, token string, expiresAt time.Time) error {
|
|
return fmt.Errorf("db error")
|
|
},
|
|
}
|
|
verifier := &mocks.MockTokenVerifier{}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
_, err := svc.Refresh(context.Background(), "valid-token")
|
|
if err == nil {
|
|
t.Fatal("expected error")
|
|
}
|
|
}
|
|
|
|
func TestLogout_Success(t *testing.T) {
|
|
repo := &umocks.MockUserRepository{
|
|
ClearRefreshTokenFn: func(ctx context.Context, id string) error {
|
|
return nil
|
|
},
|
|
}
|
|
verifier := &mocks.MockTokenVerifier{}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
err := svc.Logout(context.Background(), "user-1")
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
}
|
|
|
|
func TestLogout_Error(t *testing.T) {
|
|
repo := &umocks.MockUserRepository{
|
|
ClearRefreshTokenFn: func(ctx context.Context, id string) error {
|
|
return fmt.Errorf("db error")
|
|
},
|
|
}
|
|
verifier := &mocks.MockTokenVerifier{}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
err := svc.Logout(context.Background(), "user-1")
|
|
if err == nil {
|
|
t.Fatal("expected error")
|
|
}
|
|
}
|
|
|
|
func TestLogin_ExpiresIn(t *testing.T) {
|
|
verifier := &mocks.MockTokenVerifier{
|
|
VerifyTokenFn: func(ctx context.Context, idToken string) (string, string, string, string, error) {
|
|
return "fb-uid", "test@example.com", "Test", "", nil
|
|
},
|
|
}
|
|
repo := &umocks.MockUserRepository{
|
|
UpsertByFirebaseUIDFn: func(ctx context.Context, uid, email, name, avatarURL string) (*user.User, error) {
|
|
return &user.User{ID: "user-1", Plan: "free"}, nil
|
|
},
|
|
SetRefreshTokenFn: func(ctx context.Context, id, token string, expiresAt time.Time) error {
|
|
return nil
|
|
},
|
|
}
|
|
|
|
svc := newTestService(verifier, repo)
|
|
resp, _ := svc.Login(context.Background(), "token")
|
|
if resp.ExpiresIn != 900 {
|
|
t.Errorf("expected expires_in 900, got %d", resp.ExpiresIn)
|
|
}
|
|
}
|