# Test Rehberi Bu dokuman projedeki otomatik test kapsamini ve calistirma adimlarini ozetler. ## Calistirma Tum testleri calistirmak icin: ```bash go test ./... ``` Kapsam (coverage) ile calistirmak icin: ```bash go test -cover ./... ``` ## Endpoint Test Matrisi Asagidaki endpointler otomatik testlerle, hem basarili hem hata senaryolariyla kapsanir: | Endpoint | Durum kodlari | Dosyalar | |---|---|---| | `POST /api/v1/auth/register` | `201`, `400`, `409`, `500` | [router/router_test.go](../router/router_test.go), [app/accounts/controllers/user_test.go](../app/accounts/controllers/user_test.go) | | `GET /api/v1/auth/verify-email` | `200`, `400` | [router/router_test.go](../router/router_test.go), [app/accounts/controllers/user_test.go](../app/accounts/controllers/user_test.go) | | `POST /api/v1/auth/login` | `200`, `400`, `401`, `403` | [router/router_test.go](../router/router_test.go), [app/accounts/controllers/user_test.go](../app/accounts/controllers/user_test.go) | | `POST /api/v1/auth/refresh` | `200`, `400`, `401`, `403` | [router/router_test.go](../router/router_test.go), [app/accounts/controllers/user_test.go](../app/accounts/controllers/user_test.go) | | `GET /api/v1/me` | `200`, `401` | [router/router_test.go](../router/router_test.go), [app/accounts/controllers/user_test.go](../app/accounts/controllers/user_test.go), [pkg/middleware/auth_test.go](../pkg/middleware/auth_test.go) | | `GET /swagger/index.html` | `200` | [router/router_test.go](../router/router_test.go) | | `POST /swagger/index.html` | `404` | [router/router_test.go](../router/router_test.go) | | `GET /swagger/swagger-initializer.js` | `200` | [router/router_test.go](../router/router_test.go) | ## Endpoint Senaryo Detayi ### `POST /api/v1/auth/register` - Basarili kayit ve mail gonderimi - `password`/`confirm_password` uyusmazligi - Duplicate email - SMTP/config hatasinda register rollback ### `GET /api/v1/auth/verify-email` - Basarili token ile aktivasyon - Token eksik - Token gecersiz ### `POST /api/v1/auth/login` - Dogrulanmis hesapla basarili login - Eksik/hatali request body - Yanlis sifre veya bulunamayan email - Dogrulanmamis email ### `POST /api/v1/auth/refresh` - Gecerli refresh token ile yeni access token - Eksik request body - Bozuk/gecersiz JWT - Token kullanicisi bulunamadi - Dogrulanmamis email ### `GET /api/v1/me` - Gecerli Bearer access token ile erisim - Authorization header yok - Raw token (Bearer olmadan) reddi - Username context yoksa DB fallback ## Paket Bazli Testler | Paket | Dosya | Kapsam | |---|---|---| | `pkg/jwt` | [pkg/jwt/jwt_test.go](../pkg/jwt/jwt_test.go) | Token uretim/dogrulama, yanlis secret davranisi | | `pkg/middleware` | [pkg/middleware/auth_test.go](../pkg/middleware/auth_test.go), [pkg/middleware/dynamic_policies_test.go](../pkg/middleware/dynamic_policies_test.go) | Auth middleware + dynamic CORS/RateLimit davranisi | | `pkg/mailer` | [pkg/mailer/mailer_test.go](../pkg/mailer/mailer_test.go) | SMTP config validasyonu ve fake SMTP ile gonderim | | `app/accounts/controllers` | [app/accounts/controllers/user_test.go](../app/accounts/controllers/user_test.go) | Verify/Login/Refresh/Me handler seviyesinde davranis testleri | ## Dynamic Policy Testleri `pkg/middleware/dynamic_policies_test.go` su senaryolari kapsar: - Blacklist origin'in CORS tarafinda bloklanmasi - Whitelist origin'in rate-limitten muaf olmasi - Whitelist/blacklist disi origin'e rate-limit uygulanmasi - `login` ve `register` endpointlerine ayri limit kurallarinin calismasi ## Notlar - Endpoint entegrasyon testi icin test icinde gecici SQLite veritabani kullanilir. - Register testinde email gonderimi icin test icinde fake SMTP sunucusu ayaga kaldirilir. - Testler ortamdan bagimsiz calisacak sekilde gerekli env degerlerini test icinde set eder.