alvaro/normogen
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
normogen/backend/test-phase-2-4-complete.sh
goose a3c6a43dfb
Some checks failed
Lint and Build / Lint (push) Has been cancelled
Details
Lint and Build / Build (push) Has been cancelled
Details
Lint and Build / Docker Build (push) Has been cancelled
Details
feat(backend): Complete Phase 2.4 - User Management Enhancement 
Phase 2.4 is now COMPLETE!

Implemented Features:

1. Password Recovery 
   - Zero-knowledge recovery phrases
   - Setup, verify, and reset-password endpoints
   - Token invalidation on password reset

2. Enhanced Profile Management 
   - Get, update, and delete profile endpoints
   - Password confirmation for deletion
   - Token revocation on account deletion

3. Email Verification (Stub) 
   - Verification status check
   - Send verification email (stub - no email server)
   - Verify email with token
   - Resend verification email (stub)

4. Account Settings Management 
   - Get account settings endpoint
   - Update account settings endpoint
   - Change password with current password confirmation
   - Token invalidation on password change

New API Endpoints: 11 total

Files Modified:
- backend/src/models/user.rs (added find_by_verification_token)
- backend/src/handlers/auth.rs (email verification handlers)
- backend/src/handlers/users.rs (account settings handlers)
- backend/src/main.rs (new routes)

Testing:
- backend/test-phase-2-4-complete.sh

Documentation:
- backend/PHASE-2-4-COMPLETE.md

Phase 2.4: 100% COMPLETE
2026-02-15 20:48:39 -03:00

136 lines
3.9 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
# Phase 2.4 Complete Test Script
BASE_URL="http://10.0.10.30:6500"
echo "🧪 Phase 2.4 Complete Test"
echo "=========================="
echo ""
EMAIL="phase24test@example.com"
USERNAME="phase24test"
PASSWORD="SecurePassword123!"
# Test 1: Register user
echo "1. Register user..."
REGISTER=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/auth/register \
-H "Content-Type: application/json" \
-d "{
\"email\": \"$EMAIL\",
\"username\": \"$USERNAME\",
\"password\": \"$PASSWORD\",
\"recovery_phrase\": \"test-recovery-phrase\"
}")
echo "$REGISTER"
echo ""
# Test 2: Login
echo "2. Login..."
LOGIN_RESPONSE=$(curl -s -X POST $BASE_URL/api/auth/login \
-H "Content-Type: application/json" \
-d "{
\"email\": \"$EMAIL\",
\"password\": \"$PASSWORD\"
}")
echo "$LOGIN_RESPONSE" | jq .
ACCESS_TOKEN=$(echo "$LOGIN_RESPONSE" | jq -r '.access_token // empty')
if [ -z "$ACCESS_TOKEN" ] || [ "$ACCESS_TOKEN" = "null" ]; then
echo "❌ Failed to get access token"
exit 1
fi
echo "✅ Access token obtained"
echo ""
# Test 3: Get verification status
echo "3. Get email verification status..."
STATUS=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/auth/verify/status \
-H "Authorization: Bearer $ACCESS_TOKEN")
echo "$STATUS"
echo ""
# Test 4: Send verification email
echo "4. Send verification email (stub)..."
VERIFY_RESPONSE=$(curl -s -X POST $BASE_URL/api/auth/verify/send \
-H "Authorization: Bearer $ACCESS_TOKEN")
echo "$VERIFY_RESPONSE" | jq .
# Extract verification token
VERIFY_TOKEN=$(echo "$VERIFY_RESPONSE" | jq -r '.verification_token // empty')
echo ""
echo "Verification token: $VERIFY_TOKEN"
echo ""
# Test 5: Verify email
echo "5. Verify email with token..."
VERIFY_EMAIL=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/auth/verify/email \
-H "Content-Type: application/json" \
-d "{
\"token\": \"$VERIFY_TOKEN\"
}")
echo "$VERIFY_EMAIL"
echo ""
# Test 6: Check verification status again
echo "6. Check verification status (should be verified now)..."
STATUS_AFTER=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/auth/verify/status \
-H "Authorization: Bearer $ACCESS_TOKEN")
echo "$STATUS_AFTER"
echo ""
# Test 7: Get account settings
echo "7. Get account settings..."
SETTINGS=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/users/me/settings \
-H "Authorization: Bearer $ACCESS_TOKEN")
echo "$SETTINGS"
echo ""
# Test 8: Update account settings
echo "8. Update account settings..."
UPDATE_SETTINGS=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X PUT $BASE_URL/api/users/me/settings \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"theme": "dark",
"language": "es",
"timezone": "America/Argentina/Buenos_Aires",
"email_notifications": true
}')
echo "$UPDATE_SETTINGS"
echo ""
# Test 9: Change password
echo "9. Change password..."
CHANGE_PASSWORD=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/users/me/change-password \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"current_password": "SecurePassword123!",
"new_password": "NewSecurePassword456!"
}')
echo "$CHANGE_PASSWORD"
echo ""
# Test 10: Try to use old token (should fail - all tokens revoked after password change)
echo "10. Try to use old access token (should fail)..."
OLD_TOKEN_TEST=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X GET $BASE_URL/api/users/me \
-H "Authorization: Bearer $ACCESS_TOKEN")
echo "$OLD_TOKEN_TEST"
echo ""
# Test 11: Login with new password
echo "11. Login with new password..."
NEW_LOGIN=$(curl -s -w "\nHTTP Status: %{http_code}\n" -X POST $BASE_URL/api/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "phase24test@example.com",
"password": "NewSecurePassword456!"
}')
echo "$NEW_LOGIN"
echo ""
echo "✅ All Phase 2.4 tests complete!"
Reference in a new issue View git blame Copy permalink