#!/bin/bash # Phase 2.4 Complete Test Script BASE_URL="http://10.0.10.30:6500" echo "๐Ÿงช Phase 2.4 Complete Test" echo "==========================" echo "" EMAIL="phase24test@example.com" USERNAME="phase24test" PASSWORD="SecurePassword123!" # Test 1: Register user echo "1. Register user..." REGISTER=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/auth/register \ -H "Content-Type: application/json" \ -d "{ \"email\": \"$EMAIL\", \"username\": \"$USERNAME\", \"password\": \"$PASSWORD\", \"recovery_phrase\": \"test-recovery-phrase\" }") echo "$REGISTER" echo "" # Test 2: Login echo "2. Login..." LOGIN_RESPONSE=$(curl -s -X POST $BASE_URL/api/auth/login \ -H "Content-Type: application/json" \ -d "{ \"email\": \"$EMAIL\", \"password\": \"$PASSWORD\" }") echo "$LOGIN_RESPONSE" | jq . ACCESS_TOKEN=$(echo "$LOGIN_RESPONSE" | jq -r '.access_token // empty') if [ -z "$ACCESS_TOKEN" ] || [ "$ACCESS_TOKEN" = "null" ]; then echo "โŒ Failed to get access token" exit 1 fi echo "โœ… Access token obtained" echo "" # Test 3: Get verification status echo "3. Get email verification status..." STATUS=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/auth/verify/status \ -H "Authorization: Bearer $ACCESS_TOKEN") echo "$STATUS" echo "" # Test 4: Send verification email echo "4. Send verification email (stub)..." VERIFY_RESPONSE=$(curl -s -X POST $BASE_URL/api/auth/verify/send \ -H "Authorization: Bearer $ACCESS_TOKEN") echo "$VERIFY_RESPONSE" | jq . # Extract verification token VERIFY_TOKEN=$(echo "$VERIFY_RESPONSE" | jq -r '.verification_token // empty') echo "" echo "Verification token: $VERIFY_TOKEN" echo "" # Test 5: Verify email echo "5. Verify email with token..." VERIFY_EMAIL=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/auth/verify/email \ -H "Content-Type: application/json" \ -d "{ \"token\": \"$VERIFY_TOKEN\" }") echo "$VERIFY_EMAIL" echo "" # Test 6: Check verification status again echo "6. Check verification status (should be verified now)..." STATUS_AFTER=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/auth/verify/status \ -H "Authorization: Bearer $ACCESS_TOKEN") echo "$STATUS_AFTER" echo "" # Test 7: Get account settings echo "7. Get account settings..." SETTINGS=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/users/me/settings \ -H "Authorization: Bearer $ACCESS_TOKEN") echo "$SETTINGS" echo "" # Test 8: Update account settings echo "8. Update account settings..." UPDATE_SETTINGS=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X PUT $BASE_URL/api/users/me/settings \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -d '{ "theme": "dark", "language": "es", "timezone": "America/Argentina/Buenos_Aires", "email_notifications": true }') echo "$UPDATE_SETTINGS" echo "" # Test 9: Change password echo "9. Change password..." CHANGE_PASSWORD=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/users/me/change-password \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -d '{ "current_password": "SecurePassword123!", "new_password": "NewSecurePassword456!" }') echo "$CHANGE_PASSWORD" echo "" # Test 10: Try to use old token (should fail - all tokens revoked after password change) echo "10. Try to use old access token (should fail)..." OLD_TOKEN_TEST=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/users/me \ -H "Authorization: Bearer $ACCESS_TOKEN") echo "$OLD_TOKEN_TEST" echo "" # Test 11: Login with new password echo "11. Login with new password..." NEW_LOGIN=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/auth/login \ -H "Content-Type: application/json" \ -d '{ "email": "phase24test@example.com", "password": "NewSecurePassword456!" }') echo "$NEW_LOGIN" echo "" echo "โœ… All Phase 2.4 tests complete!"