33a5297c3a
All test files relocated from internal/X/ to tests/X/ and converted to package X_test, using only the public API of each package. - tests/auth/: jwt, service, handler integration tests - tests/middleware/: auth, request_id, recovery tests - tests/user/: calories, service, repository integration tests - tests/locale/: locale tests (already package locale_test, just moved) - tests/ingredient/: repository integration tests - tests/recipe/: repository integration tests mockUserRepo in tests/user/service_test.go redefined locally with fully-qualified user.* types. Unexported auth.refreshRequest replaced with a local testRefreshRequest struct in the integration test. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
89 lines
2.4 KiB
Go
89 lines
2.4 KiB
Go
package auth_test
|
|
|
|
import (
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/food-ai/backend/internal/auth"
|
|
)
|
|
|
|
func TestGenerateAccessToken(t *testing.T) {
|
|
jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
|
|
|
|
token, tokenError := jm.GenerateAccessToken("user-123", "free")
|
|
if tokenError != nil {
|
|
t.Fatalf("unexpected error: %v", tokenError)
|
|
}
|
|
if token == "" {
|
|
t.Fatal("expected non-empty token")
|
|
}
|
|
}
|
|
|
|
func TestValidateAccessToken_Valid(t *testing.T) {
|
|
jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
|
|
|
|
token, _ := jm.GenerateAccessToken("user-123", "free")
|
|
claims, validateError := jm.ValidateAccessToken(token)
|
|
if validateError != nil {
|
|
t.Fatalf("unexpected error: %v", validateError)
|
|
}
|
|
if claims.UserID != "user-123" {
|
|
t.Errorf("expected user_id 'user-123', got %q", claims.UserID)
|
|
}
|
|
if claims.Plan != "free" {
|
|
t.Errorf("expected plan 'free', got %q", claims.Plan)
|
|
}
|
|
}
|
|
|
|
func TestValidateAccessToken_Expired(t *testing.T) {
|
|
jm := auth.NewJWTManager("test-secret", -1*time.Second, 720*time.Hour)
|
|
|
|
token, _ := jm.GenerateAccessToken("user-123", "free")
|
|
_, validateError := jm.ValidateAccessToken(token)
|
|
if validateError == nil {
|
|
t.Fatal("expected error for expired token")
|
|
}
|
|
}
|
|
|
|
func TestValidateAccessToken_WrongSecret(t *testing.T) {
|
|
jm1 := auth.NewJWTManager("secret-1", 15*time.Minute, 720*time.Hour)
|
|
jm2 := auth.NewJWTManager("secret-2", 15*time.Minute, 720*time.Hour)
|
|
|
|
token, _ := jm1.GenerateAccessToken("user-123", "free")
|
|
_, validateError := jm2.ValidateAccessToken(token)
|
|
if validateError == nil {
|
|
t.Fatal("expected error for wrong secret")
|
|
}
|
|
}
|
|
|
|
func TestValidateAccessToken_InvalidToken(t *testing.T) {
|
|
jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
|
|
|
|
_, validateError := jm.ValidateAccessToken("invalid-token")
|
|
if validateError == nil {
|
|
t.Fatal("expected error for invalid token")
|
|
}
|
|
}
|
|
|
|
func TestGenerateRefreshToken(t *testing.T) {
|
|
jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
|
|
|
|
token, expiresAt := jm.GenerateRefreshToken()
|
|
if token == "" {
|
|
t.Fatal("expected non-empty refresh token")
|
|
}
|
|
if expiresAt.Before(time.Now()) {
|
|
t.Fatal("expected future expiration time")
|
|
}
|
|
}
|
|
|
|
func TestGenerateRefreshToken_Unique(t *testing.T) {
|
|
jm := auth.NewJWTManager("test-secret", 15*time.Minute, 720*time.Hour)
|
|
|
|
token1, _ := jm.GenerateRefreshToken()
|
|
token2, _ := jm.GenerateRefreshToken()
|
|
if token1 == token2 {
|
|
t.Fatal("expected unique refresh tokens")
|
|
}
|
|
}
|