357 lines
12 KiB
Go
357 lines
12 KiB
Go
package integration
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"fmt"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"strings"
|
|
"testing"
|
|
|
|
"goyco/internal/middleware"
|
|
"goyco/internal/testutils"
|
|
)
|
|
|
|
func TestIntegration_EndToEndUserJourneys(t *testing.T) {
|
|
ctx := setupTestContext(t)
|
|
|
|
t.Run("Complete_Registration_To_Post_Creation_Journey", func(t *testing.T) {
|
|
ctx.Suite.EmailSender.Reset()
|
|
|
|
registerBody := map[string]string{
|
|
"username": "journey_user",
|
|
"email": "journey@example.com",
|
|
"password": "SecurePass123!",
|
|
}
|
|
body, _ := json.Marshal(registerBody)
|
|
registerReq := httptest.NewRequest("POST", "/api/auth/register", bytes.NewBuffer(body))
|
|
registerReq.Header.Set("Content-Type", "application/json")
|
|
registerRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(registerRec, registerReq)
|
|
|
|
assertStatus(t, registerRec, http.StatusCreated)
|
|
|
|
verificationToken := ctx.Suite.EmailSender.VerificationToken()
|
|
if verificationToken == "" {
|
|
t.Fatal("Verification token not sent")
|
|
}
|
|
|
|
confirmReq := httptest.NewRequest("GET", "/api/auth/confirm?token="+url.QueryEscape(verificationToken), nil)
|
|
confirmRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(confirmRec, confirmReq)
|
|
|
|
assertStatus(t, confirmRec, http.StatusOK)
|
|
|
|
loginBody := map[string]string{
|
|
"username": "journey_user",
|
|
"password": "SecurePass123!",
|
|
}
|
|
loginBodyBytes, _ := json.Marshal(loginBody)
|
|
loginReq := httptest.NewRequest("POST", "/api/auth/login", bytes.NewBuffer(loginBodyBytes))
|
|
loginReq.Header.Set("Content-Type", "application/json")
|
|
loginRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(loginRec, loginReq)
|
|
|
|
loginResponse := assertJSONResponse(t, loginRec, http.StatusOK)
|
|
if loginResponse == nil {
|
|
return
|
|
}
|
|
|
|
data, ok := loginResponse["data"].(map[string]any)
|
|
if !ok {
|
|
t.Fatal("Login response missing data")
|
|
}
|
|
|
|
var token string
|
|
if accessToken, ok := data["access_token"].(string); ok && accessToken != "" {
|
|
token = accessToken
|
|
} else if tokenVal, ok := data["token"].(string); ok && tokenVal != "" {
|
|
token = tokenVal
|
|
} else {
|
|
t.Fatal("Login response missing access_token or token")
|
|
}
|
|
|
|
var userID uint
|
|
if userData, ok := data["user"].(map[string]any); ok {
|
|
if id, ok := userData["id"].(float64); ok {
|
|
userID = uint(id)
|
|
} else if id, ok := userData["ID"].(float64); ok {
|
|
userID = uint(id)
|
|
}
|
|
}
|
|
if userID == 0 {
|
|
if id, ok := data["user_id"].(float64); ok {
|
|
userID = uint(id)
|
|
}
|
|
}
|
|
if userID == 0 {
|
|
t.Fatalf("Login response missing user.id. Data: %+v", data)
|
|
}
|
|
|
|
postBody := map[string]string{
|
|
"title": "Journey Test Post",
|
|
"url": "https://example.com/journey",
|
|
"content": "Test content",
|
|
}
|
|
postBodyBytes, _ := json.Marshal(postBody)
|
|
postReq := httptest.NewRequest("POST", "/api/posts", bytes.NewBuffer(postBodyBytes))
|
|
postReq.Header.Set("Content-Type", "application/json")
|
|
postReq.Header.Set("Authorization", "Bearer "+token)
|
|
postReq = testutils.WithUserContext(postReq, middleware.UserIDKey, uint(userID))
|
|
postRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(postRec, postReq)
|
|
|
|
postResponse := assertJSONResponse(t, postRec, http.StatusCreated)
|
|
if postResponse == nil {
|
|
return
|
|
}
|
|
|
|
postData, ok := postResponse["data"].(map[string]any)
|
|
if !ok {
|
|
t.Fatal("Post response missing data")
|
|
}
|
|
|
|
postID, ok := postData["id"].(float64)
|
|
if !ok {
|
|
t.Fatal("Post response missing id")
|
|
}
|
|
|
|
getPostReq := httptest.NewRequest("GET", fmt.Sprintf("/api/posts/%.0f", postID), nil)
|
|
getPostRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(getPostRec, getPostReq)
|
|
|
|
assertStatus(t, getPostRec, http.StatusOK)
|
|
})
|
|
|
|
t.Run("Complete_Password_Reset_Journey", func(t *testing.T) {
|
|
ctx.Suite.EmailSender.Reset()
|
|
createAuthenticatedUser(t, ctx.AuthService, ctx.Suite.UserRepo, "reset_journey_user", "reset_journey@example.com")
|
|
|
|
resetBody := map[string]string{
|
|
"username_or_email": "reset_journey@example.com",
|
|
}
|
|
resetBodyBytes, _ := json.Marshal(resetBody)
|
|
resetReq := httptest.NewRequest("POST", "/api/auth/forgot-password", bytes.NewBuffer(resetBodyBytes))
|
|
resetReq.Header.Set("Content-Type", "application/json")
|
|
resetRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(resetRec, resetReq)
|
|
|
|
assertStatus(t, resetRec, http.StatusOK)
|
|
|
|
resetToken := ctx.Suite.EmailSender.GetLastPasswordResetToken()
|
|
if resetToken == "" {
|
|
t.Fatal("Password reset token not sent")
|
|
}
|
|
|
|
newPasswordBody := map[string]string{
|
|
"token": resetToken,
|
|
"new_password": "NewSecurePass123!",
|
|
}
|
|
newPasswordBodyBytes, _ := json.Marshal(newPasswordBody)
|
|
newPasswordReq := httptest.NewRequest("POST", "/api/auth/reset-password", bytes.NewBuffer(newPasswordBodyBytes))
|
|
newPasswordReq.Header.Set("Content-Type", "application/json")
|
|
newPasswordRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(newPasswordRec, newPasswordReq)
|
|
|
|
assertStatus(t, newPasswordRec, http.StatusOK)
|
|
|
|
loginBody := map[string]string{
|
|
"username": "reset_journey_user",
|
|
"password": "NewSecurePass123!",
|
|
}
|
|
loginBodyBytes, _ := json.Marshal(loginBody)
|
|
loginReq := httptest.NewRequest("POST", "/api/auth/login", bytes.NewBuffer(loginBodyBytes))
|
|
loginReq.Header.Set("Content-Type", "application/json")
|
|
loginRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(loginRec, loginReq)
|
|
|
|
assertStatus(t, loginRec, http.StatusOK)
|
|
})
|
|
|
|
t.Run("Complete_Vote_And_Unvote_Journey", func(t *testing.T) {
|
|
ctx.Suite.EmailSender.Reset()
|
|
user := createAuthenticatedUser(t, ctx.AuthService, ctx.Suite.UserRepo, "vote_journey_user", "vote_journey@example.com")
|
|
|
|
post := testutils.CreatePostWithRepo(t, ctx.Suite.PostRepo, user.User.ID, "Vote Journey Post", "https://example.com/vote-journey")
|
|
|
|
voteBody := map[string]string{"type": "up"}
|
|
voteBodyBytes, _ := json.Marshal(voteBody)
|
|
voteReq := httptest.NewRequest("POST", fmt.Sprintf("/api/posts/%d/vote", post.ID), bytes.NewBuffer(voteBodyBytes))
|
|
voteReq.Header.Set("Content-Type", "application/json")
|
|
voteReq.Header.Set("Authorization", "Bearer "+user.Token)
|
|
voteReq = testutils.WithUserContext(voteReq, middleware.UserIDKey, user.User.ID)
|
|
voteReq = testutils.WithURLParams(voteReq, map[string]string{"id": fmt.Sprintf("%d", post.ID)})
|
|
voteRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(voteRec, voteReq)
|
|
|
|
assertStatus(t, voteRec, http.StatusOK)
|
|
|
|
getVotesReq := httptest.NewRequest("GET", fmt.Sprintf("/api/posts/%d/votes", post.ID), nil)
|
|
getVotesReq.Header.Set("Authorization", "Bearer "+user.Token)
|
|
getVotesReq = testutils.WithUserContext(getVotesReq, middleware.UserIDKey, user.User.ID)
|
|
getVotesReq = testutils.WithURLParams(getVotesReq, map[string]string{"id": fmt.Sprintf("%d", post.ID)})
|
|
getVotesRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(getVotesRec, getVotesReq)
|
|
|
|
votesResponse := assertJSONResponse(t, getVotesRec, http.StatusOK)
|
|
if votesResponse == nil {
|
|
return
|
|
}
|
|
|
|
if data, ok := votesResponse["data"].(map[string]any); ok {
|
|
if votes, ok := data["votes"].([]any); ok && len(votes) > 0 {
|
|
unvoteReq := httptest.NewRequest("DELETE", fmt.Sprintf("/api/posts/%d/vote", post.ID), nil)
|
|
unvoteReq.Header.Set("Authorization", "Bearer "+user.Token)
|
|
unvoteReq = testutils.WithUserContext(unvoteReq, middleware.UserIDKey, user.User.ID)
|
|
unvoteReq = testutils.WithURLParams(unvoteReq, map[string]string{"id": fmt.Sprintf("%d", post.ID)})
|
|
unvoteRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(unvoteRec, unvoteReq)
|
|
|
|
assertStatus(t, unvoteRec, http.StatusOK)
|
|
}
|
|
}
|
|
})
|
|
|
|
t.Run("Complete_Page_Handler_Registration_Journey", func(t *testing.T) {
|
|
pageCtx := setupPageHandlerTestContext(t)
|
|
pageRouter := pageCtx.Router
|
|
pageCtx.Suite.EmailSender.Reset()
|
|
|
|
csrfToken := getCSRFToken(t, pageRouter, "/register")
|
|
|
|
reqBody := url.Values{}
|
|
reqBody.Set("username", "page_journey_user")
|
|
reqBody.Set("email", "page_journey@example.com")
|
|
reqBody.Set("password", "SecurePass123!")
|
|
reqBody.Set("password_confirm", "SecurePass123!")
|
|
reqBody.Set("csrf_token", csrfToken)
|
|
|
|
req := httptest.NewRequest("POST", "/register", strings.NewReader(reqBody.Encode()))
|
|
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
|
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
|
|
rec := httptest.NewRecorder()
|
|
pageRouter.ServeHTTP(rec, req)
|
|
|
|
assertStatusRange(t, rec, http.StatusOK, http.StatusSeeOther)
|
|
|
|
verificationToken := pageCtx.Suite.EmailSender.VerificationToken()
|
|
if verificationToken == "" {
|
|
t.Fatal("Verification token not sent")
|
|
}
|
|
|
|
confirmReq := httptest.NewRequest("GET", "/confirm?token="+url.QueryEscape(verificationToken), nil)
|
|
confirmRec := httptest.NewRecorder()
|
|
pageRouter.ServeHTTP(confirmRec, confirmReq)
|
|
|
|
assertStatusRange(t, confirmRec, http.StatusOK, http.StatusSeeOther)
|
|
|
|
loginCSRFToken := getCSRFToken(t, pageRouter, "/login")
|
|
|
|
loginBody := url.Values{}
|
|
loginBody.Set("username", "page_journey_user")
|
|
loginBody.Set("password", "SecurePass123!")
|
|
loginBody.Set("csrf_token", loginCSRFToken)
|
|
|
|
loginReq := httptest.NewRequest("POST", "/login", strings.NewReader(loginBody.Encode()))
|
|
loginReq.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
|
loginReq.AddCookie(&http.Cookie{Name: "csrf_token", Value: loginCSRFToken})
|
|
loginRec := httptest.NewRecorder()
|
|
pageRouter.ServeHTTP(loginRec, loginReq)
|
|
|
|
assertStatus(t, loginRec, http.StatusSeeOther)
|
|
|
|
loginCookies := loginRec.Result().Cookies()
|
|
var authToken string
|
|
for _, cookie := range loginCookies {
|
|
if cookie.Name == "auth_token" {
|
|
authToken = cookie.Value
|
|
break
|
|
}
|
|
}
|
|
|
|
if authToken == "" {
|
|
t.Fatal("Auth token not set after login")
|
|
}
|
|
|
|
homeReq := httptest.NewRequest("GET", "/", nil)
|
|
homeReq.AddCookie(&http.Cookie{Name: "auth_token", Value: authToken})
|
|
homeRec := httptest.NewRecorder()
|
|
pageRouter.ServeHTTP(homeRec, homeReq)
|
|
|
|
assertStatus(t, homeRec, http.StatusOK)
|
|
})
|
|
|
|
t.Run("Complete_Post_Creation_And_Update_Journey", func(t *testing.T) {
|
|
ctx.Suite.EmailSender.Reset()
|
|
user := createAuthenticatedUser(t, ctx.AuthService, ctx.Suite.UserRepo, "post_update_journey_user", "post_update_journey@example.com")
|
|
|
|
postBody := map[string]string{
|
|
"title": "Original Title",
|
|
"url": "https://example.com/original",
|
|
"content": "Original content",
|
|
}
|
|
postBodyBytes, _ := json.Marshal(postBody)
|
|
postReq := httptest.NewRequest("POST", "/api/posts", bytes.NewBuffer(postBodyBytes))
|
|
postReq.Header.Set("Content-Type", "application/json")
|
|
postReq.Header.Set("Authorization", "Bearer "+user.Token)
|
|
postReq = testutils.WithUserContext(postReq, middleware.UserIDKey, user.User.ID)
|
|
postRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(postRec, postReq)
|
|
|
|
postResponse := assertJSONResponse(t, postRec, http.StatusCreated)
|
|
if postResponse == nil {
|
|
return
|
|
}
|
|
|
|
postData, ok := postResponse["data"].(map[string]any)
|
|
if !ok {
|
|
t.Fatal("Post response missing data")
|
|
}
|
|
|
|
postID, ok := postData["id"].(float64)
|
|
if !ok {
|
|
t.Fatal("Post response missing id")
|
|
}
|
|
|
|
updateBody := map[string]string{
|
|
"title": "Updated Title",
|
|
"content": "Updated content",
|
|
}
|
|
updateBodyBytes, _ := json.Marshal(updateBody)
|
|
updateReq := httptest.NewRequest("PUT", fmt.Sprintf("/api/posts/%.0f", postID), bytes.NewBuffer(updateBodyBytes))
|
|
updateReq.Header.Set("Content-Type", "application/json")
|
|
updateReq.Header.Set("Authorization", "Bearer "+user.Token)
|
|
updateReq = testutils.WithUserContext(updateReq, middleware.UserIDKey, user.User.ID)
|
|
updateReq = testutils.WithURLParams(updateReq, map[string]string{"id": fmt.Sprintf("%.0f", postID)})
|
|
updateRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(updateRec, updateReq)
|
|
|
|
updateResponse := assertJSONResponse(t, updateRec, http.StatusOK)
|
|
if updateResponse == nil {
|
|
return
|
|
}
|
|
|
|
getPostReq := httptest.NewRequest("GET", fmt.Sprintf("/api/posts/%.0f", postID), nil)
|
|
getPostRec := httptest.NewRecorder()
|
|
ctx.Router.ServeHTTP(getPostRec, getPostReq)
|
|
|
|
getPostResponse := assertJSONResponse(t, getPostRec, http.StatusOK)
|
|
if getPostResponse == nil {
|
|
return
|
|
}
|
|
|
|
if data, ok := getPostResponse["data"].(map[string]any); ok {
|
|
if post, ok := data["post"].(map[string]any); ok {
|
|
if title, ok := post["title"].(string); ok && title != "Updated Title" {
|
|
t.Errorf("Post title not updated: expected 'Updated Title', got '%s'", title)
|
|
}
|
|
if content, ok := post["content"].(string); ok && content != "Updated content" {
|
|
t.Errorf("Post content not updated: expected 'Updated content', got '%s'", content)
|
|
}
|
|
}
|
|
}
|
|
})
|
|
}
|