WIP

2025-07-20 20:43:06 +02:00
parent 0abee5b794
commit 29592c7fc8
93 changed files with 23400 additions and 131 deletions
--- a/backend/tests/test-api-endpoints.js
+++ b/backend/tests/test-api-endpoints.js
@ -0,0 +1,275 @@
+const axios = require('axios');
+
+const BASE_URL = 'http://localhost:3001';
+
+// Test data
+const testUser = {
+    email: 'test@example.com',
+    password: 'TestPassword123!'
+};
+
+const testUser2 = {
+    email: 'test2@example.com',
+    password: 'TestPassword456!'
+};
+
+let authToken = null;
+
+async function testEndpoint(name, testFn) {
+    try {
+        console.log(`\n🧪 Testing: ${name}`);
+        await testFn();
+        console.log(`✅ ${name} - PASSED`);
+    } catch (error) {
+        console.log(`❌ ${name} - FAILED`);
+        if (error.response) {
+            console.log(`   Status: ${error.response.status}`);
+            console.log(`   Error: ${JSON.stringify(error.response.data, null, 2)}`);
+        } else {
+            console.log(`   Error: ${error.message}`);
+        }
+    }
+}
+
+async function testRegistration() {
+    const response = await axios.post(`${BASE_URL}/api/auth/register`, testUser);
+    
+    if (response.status !== 201) {
+        throw new Error(`Expected status 201, got ${response.status}`);
+    }
+    
+    if (!response.data.user || !response.data.user.email) {
+        throw new Error('Response should contain user data');
+    }
+    
+    console.log(`   User registered: ${response.data.user.email}`);
+}
+
+async function testLogin() {
+    const response = await axios.post(`${BASE_URL}/api/auth/login`, testUser);
+    
+    if (response.status !== 200) {
+        throw new Error(`Expected status 200, got ${response.status}`);
+    }
+    
+    if (!response.data.user) {
+        throw new Error('Response should contain user data');
+    }
+    
+    // Extract token from Set-Cookie header
+    const cookies = response.headers['set-cookie'];
+    if (cookies) {
+        const authCookie = cookies.find(cookie => cookie.startsWith('authToken='));
+        if (authCookie) {
+            authToken = authCookie.split('=')[1].split(';')[0];
+            console.log(`   Token received: ${authToken.substring(0, 20)}...`);
+        }
+    }
+    
+    console.log(`   User logged in: ${response.data.user.email}`);
+}
+
+async function testGetProfile() {
+    if (!authToken) {
+        throw new Error('No auth token available');
+    }
+    
+    const response = await axios.get(`${BASE_URL}/api/user/profile`, {
+        headers: {
+            'Cookie': `authToken=${authToken}`
+        }
+    });
+    
+    if (response.status !== 200) {
+        throw new Error(`Expected status 200, got ${response.status}`);
+    }
+    
+    if (!response.data.user || !response.data.user.email) {
+        throw new Error('Response should contain user data');
+    }
+    
+    console.log(`   Profile retrieved: ${response.data.user.email}`);
+}
+
+async function testUpdateProfile() {
+    if (!authToken) {
+        throw new Error('No auth token available');
+    }
+    
+    const updatedEmail = 'updated@example.com';
+    const response = await axios.put(`${BASE_URL}/api/user/profile`, 
+        { email: updatedEmail },
+        {
+            headers: {
+                'Cookie': `authToken=${authToken}`
+            }
+        }
+    );
+    
+    if (response.status !== 200) {
+        throw new Error(`Expected status 200, got ${response.status}`);
+    }
+    
+    if (response.data.user.email !== updatedEmail) {
+        throw new Error(`Expected email to be updated to ${updatedEmail}`);
+    }
+    
+    console.log(`   Profile updated: ${response.data.user.email}`);
+}
+
+async function testChangePassword() {
+    if (!authToken) {
+        throw new Error('No auth token available');
+    }
+    
+    const newPassword = 'NewTestPassword789!';
+    const response = await axios.post(`${BASE_URL}/api/user/change-password`, 
+        { 
+            currentPassword: testUser.password,
+            newPassword: newPassword
+        },
+        {
+            headers: {
+                'Cookie': `authToken=${authToken}`
+            }
+        }
+    );
+    
+    if (response.status !== 200) {
+        throw new Error(`Expected status 200, got ${response.status}`);
+    }
+    
+    console.log(`   Password changed successfully`);
+    
+    // Update test user password for future tests
+    testUser.password = newPassword;
+}
+
+async function testLogout() {
+    if (!authToken) {
+        throw new Error('No auth token available');
+    }
+    
+    const response = await axios.post(`${BASE_URL}/api/auth/logout`, {}, {
+        headers: {
+            'Cookie': `authToken=${authToken}`
+        }
+    });
+    
+    if (response.status !== 200) {
+        throw new Error(`Expected status 200, got ${response.status}`);
+    }
+    
+    console.log(`   User logged out successfully`);
+    authToken = null;
+}
+
+async function testInvalidLogin() {
+    try {
+        await axios.post(`${BASE_URL}/api/auth/login`, {
+            email: 'invalid@example.com',
+            password: 'wrongpassword'
+        });
+        throw new Error('Should have failed with invalid credentials');
+    } catch (error) {
+        if (error.response && error.response.status === 401) {
+            console.log(`   Invalid login correctly rejected`);
+        } else {
+            throw error;
+        }
+    }
+}
+
+async function testMissingFields() {
+    try {
+        await axios.post(`${BASE_URL}/api/auth/register`, {
+            email: 'test@example.com'
+            // missing password
+        });
+        throw new Error('Should have failed with missing password');
+    } catch (error) {
+        if (error.response && error.response.status === 400) {
+            console.log(`   Missing fields correctly rejected`);
+        } else {
+            throw error;
+        }
+    }
+}
+
+async function testUnauthorizedAccess() {
+    try {
+        await axios.get(`${BASE_URL}/api/user/profile`);
+        throw new Error('Should have failed without authentication');
+    } catch (error) {
+        if (error.response && error.response.status === 401) {
+            console.log(`   Unauthorized access correctly rejected`);
+        } else {
+            throw error;
+        }
+    }
+}
+
+async function runTests() {
+    console.log('🚀 Starting API Endpoint Tests');
+    console.log('================================');
+    
+    // Test registration
+    await testEndpoint('User Registration', testRegistration);
+    
+    // Test duplicate registration
+    await testEndpoint('Duplicate Registration (should fail)', async () => {
+        try {
+            await axios.post(`${BASE_URL}/api/auth/register`, testUser);
+            throw new Error('Should have failed with duplicate email');
+        } catch (error) {
+            if (error.response && error.response.status === 400) {
+                console.log(`   Duplicate registration correctly rejected`);
+            } else {
+                throw error;
+            }
+        }
+    });
+    
+    // Test login
+    await testEndpoint('User Login', testLogin);
+    
+    // Test profile retrieval
+    await testEndpoint('Get User Profile', testGetProfile);
+    
+    // Test profile update
+    await testEndpoint('Update User Profile', testUpdateProfile);
+    
+    // Test password change
+    await testEndpoint('Change Password', testChangePassword);
+    
+    // Test logout
+    await testEndpoint('User Logout', testLogout);
+    
+    // Test error cases
+    await testEndpoint('Invalid Login', testInvalidLogin);
+    await testEndpoint('Missing Fields', testMissingFields);
+    await testEndpoint('Unauthorized Access', testUnauthorizedAccess);
+    
+    console.log('\n🎉 All tests completed!');
+}
+
+// Check if server is running
+async function checkServer() {
+    try {
+        await axios.get(`${BASE_URL}/health`);
+        console.log('✅ Server is running');
+        return true;
+    } catch (error) {
+        console.log('❌ Server is not running. Please start the server first with: npm start');
+        return false;
+    }
+}
+
+async function main() {
+    const serverRunning = await checkServer();
+    if (serverRunning) {
+        await runTests();
+    }
+}
+
+main().catch(console.error);