RubyGems - propel_authentication - Versions diffs - 0.1.1 - Mend

propel_authentication 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (102) hide show

data/lib/generators/propel_auth/test/generators/authentication/controllers/tokens_controller_test.rb ADDED Viewed

@@ -0,0 +1,230 @@
+require 'test_helper'
+class TokensControllerTest < ActionDispatch::IntegrationTest
+  def setup
+    # Create test organization and user with real database
+    @organization = Organization.create!(
+      name: "Test Organization",
+      website: "https://test.com"
+    )
+    @user = User.create!(
+      email_address: "test@example.com",
+      username: "testuser",
+      password: "SecurePassword123!",
+      password_confirmation: "SecurePassword123!",
+      first_name: "Test",
+      last_name: "User",
+      organization: @organization
+    )
+  end
+  def teardown
+    User.destroy_all
+    Organization.destroy_all
+  end
+  def test_login_with_valid_credentials_returns_jwt_token
+    post "/auth/login", params: {
+      user: {
+        email_address: @user.email_address,
+        password: "SecurePassword123!"
+      }
+    }, as: :json
+    assert_response :ok
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("token"), "Response should include JWT token"
+    assert response_body.key?("user"), "Response should include user data"
+    # Verify JWT token structure
+    token = response_body["token"]
+    assert token.is_a?(String), "Token should be a string"
+    assert token.split('.').length == 3, "JWT should have 3 parts separated by dots"
+    # Verify user data
+    user_data = response_body["user"]
+    assert_equal @user.email_address, user_data["email_address"], "Should return correct user email_address"
+    assert_equal @user.username, user_data["username"], "Should return correct username"
+    assert_nil user_data["password_digest"], "Should not expose password digest"
+  end
+  def test_login_with_invalid_credentials_returns_unauthorized
+    post "/auth/login", params: {
+      user: {
+        email_address: @user.email_address,
+        password: "wrongpassword"
+      }
+    }, as: :json
+    assert_response :unauthorized
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("error"), "Should return error message"
+    assert_equal "Invalid credentials", response_body["error"]
+  end
+  def test_login_with_missing_email_returns_bad_request
+    post "/auth/login", params: {
+      user: {
+        password: "SecurePassword123!"
+      }
+    }, as: :json
+    assert_response :unprocessable_entity
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("error"), "Should return error message"
+  end
+  def test_me_endpoint_with_valid_jwt_returns_current_user
+    # First login to get token
+    post "/auth/login", params: {
+      user: {
+        email_address: @user.email_address,
+        password: "SecurePassword123!"
+      }
+    }, as: :json
+    token = JSON.parse(response.body)["token"]
+    # Then access protected endpoint
+    get "/auth/me", headers: {
+      "Authorization" => "Bearer #{token}"
+    }, as: :json
+    assert_response :ok
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("user"), "Should return user data"
+    user_data = response_body["user"]
+    assert_equal @user.email_address, user_data["email_address"], "Should return correct user email_address"
+    assert_equal @user.id, user_data["id"], "Should return correct user ID"
+  end
+  def test_me_endpoint_without_token_returns_unauthorized
+    get "/auth/me", as: :json
+    assert_response :unauthorized
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("error"), "Should return error message"
+    assert_equal "No token provided", response_body["error"]
+  end
+  def test_me_endpoint_with_invalid_token_returns_unauthorized
+    get "/auth/me", headers: {
+      "Authorization" => "Bearer invalid.jwt.token"
+    }, as: :json
+    assert_response :unauthorized
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("error"), "Should return error message"
+  end
+  def test_logout_with_valid_token_returns_success
+    # First login to get token
+    post "/auth/login", params: {
+      user: {
+        email_address: @user.email_address,
+        password: "SecurePassword123!"
+      }
+    }, as: :json
+    token = JSON.parse(response.body)["token"]
+    # Then logout
+    delete "/auth/logout", headers: {
+      "Authorization" => "Bearer #{token}"
+    }, as: :json
+    assert_response :ok
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("message"), "Should return success message"
+    assert_equal "Logged out successfully", response_body["message"]
+  end
+  def test_logout_without_token_returns_success
+    delete "/auth/logout", as: :json
+    assert_response :ok
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("message"), "Should return success message"
+    assert_equal "Logged out successfully", response_body["message"]
+  end
+  def test_jwt_token_includes_organization_context
+    post "/auth/login", params: {
+      user: {
+        email_address: @user.email_address,
+        password: "SecurePassword123!"
+      }
+    }, as: :json
+    token = JSON.parse(response.body)["token"]
+    # Decode JWT to verify organization context
+    payload = JWT.decode(token, PropelAccess.configuration.jwt_secret, true, { algorithm: 'HS256' })[0]
+    assert_equal @user.id, payload["user_id"], "Token should include user ID"
+    assert_equal @organization.id, payload["organization_id"], "Token should include organization ID"
+    assert payload.key?("exp"), "Token should include expiration"
+  end
+  def test_expired_jwt_token_returns_unauthorized
+    # Create expired token
+    expired_payload = {
+      user_id: @user.id,
+      organization_id: @organization.id,
+      exp: 1.hour.ago.to_i
+    }
+    expired_token = JWT.encode(expired_payload, PropelAccess.configuration.jwt_secret, 'HS256')
+    get "/auth/me", headers: {
+      "Authorization" => "Bearer #{expired_token}"
+    }, as: :json
+    assert_response :unauthorized
+    response_body = JSON.parse(response.body)
+    assert response_body.key?("error"), "Should return error message"
+    assert_match(/expired/i, response_body["error"], "Error should mention token expiration")
+  end
+  def test_jwt_authentication_workflow_end_to_end
+    # 1. Login with valid credentials
+    post "/auth/login", params: {
+      user: {
+        email_address: @user.email_address,
+        password: "SecurePassword123!"
+      }
+    }, as: :json
+    assert_response :ok
+    token = JSON.parse(response.body)["token"]
+    assert token.present?, "Login should return JWT token"
+    # 2. Access protected resource with token
+    get "/auth/me", headers: {
+      "Authorization" => "Bearer #{token}"
+    }, as: :json
+    assert_response :ok
+    user_data = JSON.parse(response.body)["user"]
+    assert_equal @user.email_address, user_data["email_address"], "Protected endpoint should return user data"
+    # 3. Logout
+    delete "/auth/logout", headers: {
+      "Authorization" => "Bearer #{token}"
+    }, as: :json
+    assert_response :ok
+    message = JSON.parse(response.body)["message"]
+    assert_equal "Logged out successfully", message, "Logout should return success message"
+  end
+end