WIP

2025-07-20 20:43:06 +02:00
parent 0abee5b794
commit 29592c7fc8
93 changed files with 23400 additions and 131 deletions
--- a/backend/tests/test-auth-unit.js
+++ b/backend/tests/test-auth-unit.js
@ -0,0 +1,187 @@
+const User = require('./src/models/User');
+const AuthService = require('./src/services/AuthService');
+
+async function testAuthenticationLogic() {
+    console.log('🧪 Testing Authentication Logic (Unit Tests)...\n');
+
+    try {
+        // Test 1: Password validation
+        console.log('📝 Test 1: Password validation');
+        
+        const weakPasswords = [
+            'weak',
+            '12345678',
+            'password',
+            'PASSWORD',
+            'Password',
+            'Pass123',
+            'Password123'
+        ];
+        
+        const strongPasswords = [
+            'StrongPass123!',
+            'MySecure@Pass1',
+            'Complex#Password9',
+            'Valid$Password2024'
+        ];
+        
+        console.log('Testing weak passwords:');
+        weakPasswords.forEach(password => {
+            const result = User.validatePassword(password);
+            console.log(`  "${password}": ${result.isValid ? '✅ Valid' : '❌ Invalid'} - ${result.errors.join(', ')}`);
+        });
+        
+        console.log('\nTesting strong passwords:');
+        strongPasswords.forEach(password => {
+            const result = User.validatePassword(password);
+            console.log(`  "${password}": ${result.isValid ? '✅ Valid' : '❌ Invalid'} - ${result.errors.join(', ')}`);
+        });
+        console.log('');
+
+        // Test 2: Email validation
+        console.log('📝 Test 2: Email validation');
+        
+        const invalidEmails = [
+            'invalid-email',
+            '@example.com',
+            'user@',
+            'user.example.com',
+            'user@.com',
+            'user@example.',
+            ''
+        ];
+        
+        const validEmails = [
+            'test@example.com',
+            'user.name@domain.co.uk',
+            'user+tag@example.org',
+            'firstname.lastname@company.com'
+        ];
+        
+        console.log('Testing invalid emails:');
+        invalidEmails.forEach(email => {
+            const result = User.validateEmail(email);
+            console.log(`  "${email}": ${result ? '✅ Valid' : '❌ Invalid'}`);
+        });
+        
+        console.log('\nTesting valid emails:');
+        validEmails.forEach(email => {
+            const result = User.validateEmail(email);
+            console.log(`  "${email}": ${result ? '✅ Valid' : '❌ Invalid'}`);
+        });
+        console.log('');
+
+        // Test 3: Password hashing and verification
+        console.log('📝 Test 3: Password hashing and verification');
+        
+        const testPasswords = [
+            'TestPassword123!',
+            'AnotherSecure@Pass1',
+            'Complex#Password9'
+        ];
+        
+        for (const password of testPasswords) {
+            console.log(`Testing password: "${password}"`);
+            
+            const hashedPassword = await User.hashPassword(password);
+            console.log(`  Hashed: ${hashedPassword.substring(0, 30)}...`);
+            
+            const isValid = await User.verifyPassword(password, hashedPassword);
+            console.log(`  Verification: ${isValid ? '✅ Valid' : '❌ Invalid'}`);
+            
+            const isInvalidWithWrongPassword = await User.verifyPassword('WrongPassword123!', hashedPassword);
+            console.log(`  Wrong password test: ${isInvalidWithWrongPassword ? '❌ Should be invalid' : '✅ Correctly invalid'}`);
+            
+            console.log('');
+        }
+
+        // Test 4: Token generation
+        console.log('📝 Test 4: Token generation');
+        
+        const mockUser = {
+            id: 'test-user-id-123',
+            email: 'test@example.com',
+            is_verified: true
+        };
+        
+        const token = AuthService.generateToken(mockUser);
+        console.log(`Generated JWT token: ${token.substring(0, 50)}...`);
+        
+        const decodedToken = AuthService.verifyToken(token);
+        console.log('Decoded token payload:', decodedToken);
+        
+        const isTokenValid = decodedToken && decodedToken.userId === mockUser.id;
+        console.log(`Token validation: ${isTokenValid ? '✅ Valid' : '❌ Invalid'}`);
+        console.log('');
+
+        // Test 5: Token expiration simulation
+        console.log('📝 Test 5: Token expiration simulation');
+        
+        // Create a token with very short expiration for testing
+        const jwt = require('jsonwebtoken');
+        const shortLivedToken = jwt.sign(
+            { userId: mockUser.id, email: mockUser.email },
+            process.env.JWT_SECRET || 'your-secret-key',
+            { expiresIn: '1ms' } // Expires immediately
+        );
+        
+        // Wait a moment to ensure expiration
+        await new Promise(resolve => setTimeout(resolve, 10));
+        
+        const expiredTokenResult = AuthService.verifyToken(shortLivedToken);
+        console.log(`Expired token validation: ${expiredTokenResult ? '❌ Should be invalid' : '✅ Correctly invalid'}`);
+        console.log('');
+
+        // Test 6: Token generation uniqueness
+        console.log('📝 Test 6: Token generation uniqueness');
+        
+        const tokens = [];
+        for (let i = 0; i < 5; i++) {
+            const token = User.generateToken();
+            tokens.push(token);
+            console.log(`Token ${i + 1}: ${token.substring(0, 20)}...`);
+        }
+        
+        const uniqueTokens = new Set(tokens);
+        console.log(`Generated ${tokens.length} tokens, ${uniqueTokens.size} unique: ${tokens.length === uniqueTokens.size ? '✅ All unique' : '❌ Duplicates found'}`);
+        console.log('');
+
+        // Test 7: Password strength edge cases
+        console.log('📝 Test 7: Password strength edge cases');
+        
+        const edgeCasePasswords = [
+            { password: 'A1a!', expected: false, reason: 'Too short' },
+            { password: 'A1a!A1a!', expected: true, reason: 'Minimum requirements met' },
+            { password: 'UPPERCASE123!', expected: false, reason: 'No lowercase' },
+            { password: 'lowercase123!', expected: false, reason: 'No uppercase' },
+            { password: 'NoNumbers!', expected: false, reason: 'No numbers' },
+            { password: 'NoSpecial123', expected: false, reason: 'No special characters' },
+            { password: 'Perfect@Password123', expected: true, reason: 'All requirements met' }
+        ];
+        
+        edgeCasePasswords.forEach(({ password, expected, reason }) => {
+            const result = User.validatePassword(password);
+            const status = result.isValid === expected ? '✅' : '❌';
+            console.log(`  ${status} "${password}" (${reason}): ${result.isValid ? 'Valid' : 'Invalid'}`);
+            if (!result.isValid) {
+                console.log(`    Errors: ${result.errors.join(', ')}`);
+            }
+        });
+        console.log('');
+
+        console.log('🎉 All authentication logic tests completed successfully!');
+        console.log('✅ Password validation working correctly');
+        console.log('✅ Email validation working correctly');
+        console.log('✅ Password hashing and verification working correctly');
+        console.log('✅ JWT token generation and validation working correctly');
+        console.log('✅ Token uniqueness verified');
+        console.log('✅ Password strength validation comprehensive');
+
+    } catch (error) {
+        console.error('❌ Test failed:', error.message);
+        console.error(error.stack);
+    }
+}
+
+// Run tests
+testAuthenticationLogic();