first commit

Beyhan Oğur
2026-04-26 21:48:15 +03:00
commit e6f3268c28
50 changed files with 4930 additions and 0 deletions

158
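--- a/accounts/accounts_test.go
+++ b/accounts/accounts_test.go
@@ -0,0 +1,158 @@
+package accounts
+import (
+"testing"
+"time"
+)
+// ─── normalizeRole ──────────────────────────────────────────────────────────
+func TestNormalizeRole_Admin(t *testing.T) {
+if got := normalizeRole("admin"); got != RoleAdmin {
+t.Fatalf("expected %q, got %q", RoleAdmin, got)
+}
+}
+func TestNormalizeRole_User(t *testing.T) {
+if got := normalizeRole("user"); got != RoleUser {
+t.Fatalf("expected %q, got %q", RoleUser, got)
+}
+}
+func TestNormalizeRole_Unknown(t *testing.T) {
+for _, input := range []string{"", "superuser", "moderator", "ADMIN"} {
+if got := normalizeRole(input); got != RoleUser {
+t.Fatalf("input %q: expected %q fallback, got %q", input, RoleUser, got)
+}
+}
+}
+// ─── roleFromUser ───────────────────────────────────────────────────────────
+func TestRoleFromUser_Admin(t *testing.T) {
+u := User{IsAdmin: true}
+if got := roleFromUser(u); got != RoleAdmin {
+t.Fatalf("expected admin role, got %q", got)
+}
+}
+func TestRoleFromUser_RegularUser(t *testing.T) {
+u := User{IsAdmin: false}
+if got := roleFromUser(u); got != RoleUser {
+t.Fatalf("expected user role, got %q", got)
+}
+}
+// ─── GenerateTokens / ParseAccessToken / ParseRefreshToken ──────────────────
+func TestGenerateAndParse_RoundTrip(t *testing.T) {
+t.Setenv("JWT_SECRET", "test-access-secret-xyz")
+t.Setenv("JWT_REFRESH_SECRET", "test-refresh-secret-xyz")
+access, refresh, err := GenerateTokens(99, RoleUser)
+if err != nil {
+t.Fatalf("GenerateTokens error: %v", err)
+}
+uid, err := ParseAccessToken(access)
+if err != nil {
+t.Fatalf("ParseAccessToken error: %v", err)
+}
+if uid != 99 {
+t.Fatalf("expected user_id 99, got %d", uid)
+}
+ruid, err := ParseRefreshToken(refresh)
+if err != nil {
+t.Fatalf("ParseRefreshToken error: %v", err)
+}
+if ruid != 99 {
+t.Fatalf("expected refresh user_id 99, got %d", ruid)
+}
+}
+func TestGenerateTokens_MissingSecretsError(t *testing.T) {
+t.Setenv("JWT_SECRET", "")
+t.Setenv("JWT_REFRESH_SECRET", "")
+if _, _, err := GenerateTokens(1, RoleUser); err == nil {
+t.Fatal("expected error when JWT secrets are missing")
+}
+}
+func TestParseAccessToken_TamperedTokenFails(t *testing.T) {
+t.Setenv("JWT_SECRET", "my-secret")
+t.Setenv("JWT_REFRESH_SECRET", "my-refresh")
+_, err := ParseAccessToken("this.is.notavalidtoken")
+if err == nil {
+t.Fatal("expected error for tampered token")
+}
+}
+func TestParseRefreshToken_WrongSecretFails(t *testing.T) {
+t.Setenv("JWT_SECRET", "secret-a")
+t.Setenv("JWT_REFRESH_SECRET", "secret-b")
+access, _, err := GenerateTokens(1, RoleUser)
+if err != nil {
+t.Fatalf("GenerateTokens error: %v", err)
+}
+// Access token'ı refresh secret ile parse etmeye çalışmak başarısız olmalı
+_, err = ParseRefreshToken(access)
+if err == nil {
+t.Fatal("expected error when parsing access token with refresh secret")
+}
+}
+// ─── parseAccessClaims role claim içeriği ──────────────────────────────────
+func TestParseAccessClaims_ContainsRole(t *testing.T) {
+t.Setenv("JWT_SECRET", "test-secret")
+t.Setenv("JWT_REFRESH_SECRET", "test-refresh")
+access, _, err := GenerateTokens(7, RoleAdmin)
+if err != nil {
+t.Fatalf("GenerateTokens error: %v", err)
+}
+claims, err := parseAccessClaims(access)
+if err != nil {
+t.Fatalf("parseAccessClaims error: %v", err)
+}
+if claims.Role != RoleAdmin {
+t.Fatalf("expected role %q, got %q", RoleAdmin, claims.Role)
+}
+if claims.UserID != 7 {
+t.Fatalf("expected user_id 7, got %d", claims.UserID)
+}
+}
+// ─── User model ApiToken süresi ───────────────────────────────────────────
+func TestUser_ApiTokenExpiresAt_NilMeansNeverExpires(t *testing.T) {
+u := User{ApiTokenExpiresAt: nil}
+if u.ApiTokenExpiresAt != nil {
+t.Fatal("nil ApiTokenExpiresAt must remain nil")
+}
+}
+func TestUser_ApiTokenExpiresAt_CanBeSet(t *testing.T) {
+exp := time.Now().Add(24 * time.Hour)
+u := User{ApiTokenExpiresAt: &exp}
+if u.ApiTokenExpiresAt == nil {
+t.Fatal("ApiTokenExpiresAt should not be nil after assignment")
+}
+if !u.ApiTokenExpiresAt.Equal(exp) {
+t.Fatalf("expected %v, got %v", exp, *u.ApiTokenExpiresAt)
+}
+}
+func TestUser_IsAdminDefaultFalse(t *testing.T) {
+u := User{}
+if u.IsAdmin {
+t.Fatal("zero-value User must not be admin")
+}
+}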
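Review bot: TestParseAccessToken_TamperedTokenFails does not exercise signature verification: the literal `this.is.notavalidtoken` is most likely rejected while its segments are being decoded, before any signature comparison happens. A parser that read claims without checking the signature would still pass, so the test gives no assurance for the property its name claims. Build the input from a real token returned by GenerateTokens, alter one character inside the signature segment, and assert that ParseAccessToken returns an error; the malformed-string case can stay as a separate test. The file also checks an access token against ParseRefreshToken but not a refresh token against ParseAccessToken, which is worth adding for symmetry. The parsing code is not part of this section, so whether it pins the signing algorithm cannot be confirmed from here.

```go
func TestParseAccessToken_TamperedTokenFails(t *testing.T) {
	// … unchanged: the two t.Setenv calls …
	access, _, err := GenerateTokens(1, RoleUser)
	if err != nil {
		t.Fatalf("GenerateTokens error: %v", err)
	}
	// Alter one character well inside the last segment (the signature), not the
	// final character, whose trailing base64 bits a lenient decoder may ignore.
	raw := []byte(access)
	i := len(raw) - 10 // assumes the signature segment is longer than 10 characters
	if raw[i] == 'A' {
		raw[i] = 'B'
	} else {
		raw[i] = 'A'
	}
	if _, err := ParseAccessToken(string(raw)); err == nil {
		t.Fatal("expected error for token with modified signature")
	}
}
```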