bookmarksite/backend/tests/test-auth.js

const dbConnection = require('./src/database/connection');
const User = require('./src/models/User');
const AuthService = require('./src/services/AuthService');

async function testAuthentication() {
    console.log('🧪 Testing User Authentication Service...\n');

    try {
        // Connect to database
        await dbConnection.connect();
        console.log('✅ Database connected\n');

        // Test 1: Password validation
        console.log('📝 Test 1: Password validation');
        const weakPassword = User.validatePassword('weak');
        console.log('Weak password validation:', weakPassword);
        
        const strongPassword = User.validatePassword('StrongPass123!');
        console.log('Strong password validation:', strongPassword);
        console.log('');

        // Test 2: Email validation
        console.log('📝 Test 2: Email validation');
        console.log('Invalid email:', User.validateEmail('invalid-email'));
        console.log('Valid email:', User.validateEmail('test@example.com'));
        console.log('');

        // Test 3: Password hashing
        console.log('📝 Test 3: Password hashing');
        const plainPassword = 'TestPassword123!';
        const hashedPassword = await User.hashPassword(plainPassword);
        console.log('Original password:', plainPassword);
        console.log('Hashed password:', hashedPassword);
        
        const isValidPassword = await User.verifyPassword(plainPassword, hashedPassword);
        console.log('Password verification:', isValidPassword);
        console.log('');

        // Test 4: User registration
        console.log('📝 Test 4: User registration');
        const testEmail = `test-${Date.now()}@example.com`;
        const registrationResult = await AuthService.register(testEmail, 'TestPassword123!');
        console.log('Registration result:', registrationResult);
        console.log('');

        if (registrationResult.success) {
            // Test 5: User login (should fail - not verified)
            console.log('📝 Test 5: Login attempt (unverified user)');
            const loginResult = await AuthService.login(testEmail, 'TestPassword123!');
            console.log('Login result:', loginResult);
            console.log('');

            // Test 6: Email verification
            console.log('📝 Test 6: Email verification');
            const user = await User.findByEmail(testEmail);
            if (user && user.verification_token) {
                const verificationResult = await AuthService.verifyEmail(user.verification_token);
                console.log('Verification result:', verificationResult);
                console.log('');

                // Test 7: Login after verification
                console.log('📝 Test 7: Login attempt (verified user)');
                const loginAfterVerification = await AuthService.login(testEmail, 'TestPassword123!');
                console.log('Login result:', loginAfterVerification);
                
                if (loginAfterVerification.success) {
                    console.log('JWT Token generated:', loginAfterVerification.token.substring(0, 50) + '...');
                    
                    // Test 8: Token validation
                    console.log('📝 Test 8: Token validation');
                    const tokenValidation = await AuthService.validateAuthToken(loginAfterVerification.token);
                    console.log('Token validation result:', tokenValidation ? 'Valid' : 'Invalid');
                    if (tokenValidation) {
                        console.log('User from token:', tokenValidation.toSafeObject());
                    }
                }
                console.log('');

                // Test 9: Password reset request
                console.log('📝 Test 9: Password reset request');
                const resetRequest = await AuthService.requestPasswordReset(testEmail);
                console.log('Reset request result:', resetRequest);
                console.log('');

                // Test 10: Password change
                console.log('📝 Test 10: Password change');
                const updatedUser = await User.findByEmail(testEmail);
                if (updatedUser) {
                    const passwordChange = await AuthService.changePassword(
                        updatedUser.id, 
                        'TestPassword123!', 
                        'NewPassword456!'
                    );
                    console.log('Password change result:', passwordChange);
                }
                console.log('');
            }

            // Cleanup: Delete test user
            console.log('🧹 Cleaning up test user...');
            const userToDelete = await User.findByEmail(testEmail);
            if (userToDelete) {
                await userToDelete.delete();
                console.log('✅ Test user deleted');
            }
        }

        console.log('\n🎉 Authentication service tests completed!');

    } catch (error) {
        console.error('❌ Test failed:', error.message);
        console.error(error.stack);
    } finally {
        await dbConnection.close();
    }
}

// Run tests
testAuthentication();