const User = require('./src/models/User'); const AuthService = require('./src/services/AuthService'); async function testAuthenticationLogic() { console.log('๐Ÿงช Testing Authentication Logic (Unit Tests)...\n'); try { // Test 1: Password validation console.log('๐Ÿ“ Test 1: Password validation'); const weakPasswords = [ 'weak', '12345678', 'password', 'PASSWORD', 'Password', 'Pass123', 'Password123' ]; const strongPasswords = [ 'StrongPass123!', 'MySecure@Pass1', 'Complex#Password9', 'Valid$Password2024' ]; console.log('Testing weak passwords:'); weakPasswords.forEach(password => { const result = User.validatePassword(password); console.log(` "${password}": ${result.isValid ? 'โœ… Valid' : 'โŒ Invalid'} - ${result.errors.join(', ')}`); }); console.log('\nTesting strong passwords:'); strongPasswords.forEach(password => { const result = User.validatePassword(password); console.log(` "${password}": ${result.isValid ? 'โœ… Valid' : 'โŒ Invalid'} - ${result.errors.join(', ')}`); }); console.log(''); // Test 2: Email validation console.log('๐Ÿ“ Test 2: Email validation'); const invalidEmails = [ 'invalid-email', '@example.com', 'user@', 'user.example.com', 'user@.com', 'user@example.', '' ]; const validEmails = [ 'test@example.com', 'user.name@domain.co.uk', 'user+tag@example.org', 'firstname.lastname@company.com' ]; console.log('Testing invalid emails:'); invalidEmails.forEach(email => { const result = User.validateEmail(email); console.log(` "${email}": ${result ? 'โœ… Valid' : 'โŒ Invalid'}`); }); console.log('\nTesting valid emails:'); validEmails.forEach(email => { const result = User.validateEmail(email); console.log(` "${email}": ${result ? 'โœ… Valid' : 'โŒ Invalid'}`); }); console.log(''); // Test 3: Password hashing and verification console.log('๐Ÿ“ Test 3: Password hashing and verification'); const testPasswords = [ 'TestPassword123!', 'AnotherSecure@Pass1', 'Complex#Password9' ]; for (const password of testPasswords) { console.log(`Testing password: "${password}"`); const hashedPassword = await User.hashPassword(password); console.log(` Hashed: ${hashedPassword.substring(0, 30)}...`); const isValid = await User.verifyPassword(password, hashedPassword); console.log(` Verification: ${isValid ? 'โœ… Valid' : 'โŒ Invalid'}`); const isInvalidWithWrongPassword = await User.verifyPassword('WrongPassword123!', hashedPassword); console.log(` Wrong password test: ${isInvalidWithWrongPassword ? 'โŒ Should be invalid' : 'โœ… Correctly invalid'}`); console.log(''); } // Test 4: Token generation console.log('๐Ÿ“ Test 4: Token generation'); const mockUser = { id: 'test-user-id-123', email: 'test@example.com', is_verified: true }; const token = AuthService.generateToken(mockUser); console.log(`Generated JWT token: ${token.substring(0, 50)}...`); const decodedToken = AuthService.verifyToken(token); console.log('Decoded token payload:', decodedToken); const isTokenValid = decodedToken && decodedToken.userId === mockUser.id; console.log(`Token validation: ${isTokenValid ? 'โœ… Valid' : 'โŒ Invalid'}`); console.log(''); // Test 5: Token expiration simulation console.log('๐Ÿ“ Test 5: Token expiration simulation'); // Create a token with very short expiration for testing const jwt = require('jsonwebtoken'); const shortLivedToken = jwt.sign( { userId: mockUser.id, email: mockUser.email }, process.env.JWT_SECRET || 'your-secret-key', { expiresIn: '1ms' } // Expires immediately ); // Wait a moment to ensure expiration await new Promise(resolve => setTimeout(resolve, 10)); const expiredTokenResult = AuthService.verifyToken(shortLivedToken); console.log(`Expired token validation: ${expiredTokenResult ? 'โŒ Should be invalid' : 'โœ… Correctly invalid'}`); console.log(''); // Test 6: Token generation uniqueness console.log('๐Ÿ“ Test 6: Token generation uniqueness'); const tokens = []; for (let i = 0; i < 5; i++) { const token = User.generateToken(); tokens.push(token); console.log(`Token ${i + 1}: ${token.substring(0, 20)}...`); } const uniqueTokens = new Set(tokens); console.log(`Generated ${tokens.length} tokens, ${uniqueTokens.size} unique: ${tokens.length === uniqueTokens.size ? 'โœ… All unique' : 'โŒ Duplicates found'}`); console.log(''); // Test 7: Password strength edge cases console.log('๐Ÿ“ Test 7: Password strength edge cases'); const edgeCasePasswords = [ { password: 'A1a!', expected: false, reason: 'Too short' }, { password: 'A1a!A1a!', expected: true, reason: 'Minimum requirements met' }, { password: 'UPPERCASE123!', expected: false, reason: 'No lowercase' }, { password: 'lowercase123!', expected: false, reason: 'No uppercase' }, { password: 'NoNumbers!', expected: false, reason: 'No numbers' }, { password: 'NoSpecial123', expected: false, reason: 'No special characters' }, { password: 'Perfect@Password123', expected: true, reason: 'All requirements met' } ]; edgeCasePasswords.forEach(({ password, expected, reason }) => { const result = User.validatePassword(password); const status = result.isValid === expected ? 'โœ…' : 'โŒ'; console.log(` ${status} "${password}" (${reason}): ${result.isValid ? 'Valid' : 'Invalid'}`); if (!result.isValid) { console.log(` Errors: ${result.errors.join(', ')}`); } }); console.log(''); console.log('๐ŸŽ‰ All authentication logic tests completed successfully!'); console.log('โœ… Password validation working correctly'); console.log('โœ… Email validation working correctly'); console.log('โœ… Password hashing and verification working correctly'); console.log('โœ… JWT token generation and validation working correctly'); console.log('โœ… Token uniqueness verified'); console.log('โœ… Password strength validation comprehensive'); } catch (error) { console.error('โŒ Test failed:', error.message); console.error(error.stack); } } // Run tests testAuthenticationLogic();