OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
v3
v2
v1.0.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ec47bcc192'
${ noResults }
OneAuth/scripts/tests/01_setup_users.sh

149 lines
4.1 KiB
Bash
Raw Normal View History Unescape Escape

refactor(tests): Restructure test scripts with better coverage - Add 00_none_auth.sh for unauthenticated access testing - Replace 01_basic_auth.sh with 01_setup_users.sh for comprehensive user setup - Replace 02_user_permission.sh with 02_resource_perm.sh for cross-user permission tests - Update lib.sh to handle non-numeric code fields in response - Update README.md with new test structure and usage instructions - Update run_all.sh with new test sequence
1 week ago
#!/bin/bash
#
# 01_setup_users.sh
#
# 功能:
# 1. 初始化三个核心测试账户Admin, User1, User2
# 2. 验证基础认证功能注册、登录、信息修改、密码修改、Token刷新、登出
# 3. 确保后续测试有稳定的测试账号
#
set -e
# 加载公共库
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/lib.sh"
test_start "用户初始化与基础认证测试"
# 检查服务
check_service
# ==========================================
# 定义测试账号
# ==========================================
# 密码统一
COMMON_PASS="password123"
# 1. Admin 用户 (系统第一个注册用户自动成为Admin)
ADMIN_USER="admin_${TEST_TIMESTAMP}"
ADMIN_EMAIL="${ADMIN_USER}@test.com"
# 2. 普通用户 1
USER1_NAME="user1_${TEST_TIMESTAMP}"
USER1_EMAIL="${USER1_NAME}@test.com"
# 3. 普通用户 2
USER2_NAME="user2_${TEST_TIMESTAMP}"
USER2_EMAIL="${USER2_NAME}@test.com"
# 4. 临时用户 (用于测试改密、登出等破坏性操作)
TEMP_USER="temp_${TEST_TIMESTAMP}"
TEMP_EMAIL="${TEMP_USER}@test.com"
# ==========================================
# 1. 创建核心账户
# ==========================================
# --- Admin ---
step "1.1 注册 Admin 账户 (第一个用户)"
RES=$(register_user "$ADMIN_USER" "$COMMON_PASS" "$ADMIN_EMAIL")
check_http_code "$RES" "200"
info "Admin 注册成功: $ADMIN_USER"
# 验证 Admin 登录
RES=$(login_user "$ADMIN_USER" "$COMMON_PASS")
check_http_code "$RES" "200"
ADMIN_TOKEN=$(get_token "$RES")
check_success "Admin 登录验证成功"
# --- User1 ---
step "1.2 注册 User1 账户"
RES=$(register_user "$USER1_NAME" "$COMMON_PASS" "$USER1_EMAIL")
check_http_code "$RES" "200"
info "User1 注册成功: $USER1_NAME"
# 验证 User1 登录
RES=$(login_user "$USER1_NAME" "$COMMON_PASS")
check_http_code "$RES" "200"
USER1_TOKEN=$(get_token "$RES")
check_success "User1 登录验证成功"
# --- User2 ---
step "1.3 注册 User2 账户"
RES=$(register_user "$USER2_NAME" "$COMMON_PASS" "$USER2_EMAIL")
check_http_code "$RES" "200"
info "User2 注册成功: $USER2_NAME"
# 验证 User2 登录
RES=$(login_user "$USER2_NAME" "$COMMON_PASS")
check_http_code "$RES" "200"
check_success "User2 登录验证成功"
# ==========================================
# 2. 基础功能验证 (使用临时用户)
# ==========================================
step "2.1 注册临时用户用于功能验证"
RES=$(register_user "$TEMP_USER" "$COMMON_PASS" "$TEMP_EMAIL")
check_http_code "$RES" "200"
# 登录
RES=$(login_user "$TEMP_USER" "$COMMON_PASS")
TEMP_TOKEN=$(get_token "$RES")
TEMP_ID=$(get_user_id "$RES")
# 修改信息
step "2.2 验证修改个人信息"
RES=$(api_patch "/api/users/$TEMP_ID" '{"nickname": "Temp Nick"}' "$TEMP_TOKEN")
check_http_code "$RES" "200"
check_success "修改信息成功"
# 修改密码
step "2.3 验证修改密码"
NEW_PASS="newpass123"
RES=$(api_post "/api/auth/me/change-password" \
"{\"old_password\": \"$COMMON_PASS\", \"new_password\": \"$NEW_PASS\"}" \
"$TEMP_TOKEN")
check_http_code "$RES" "200"
check_success "密码修改成功"
# 旧密码登录失败验证
step "2.4 验证旧密码登录失败"
RES=$(login_user "$TEMP_USER" "$COMMON_PASS")
code=$(echo "$RES" | jq -r '.code // 200')
if [[ "$code" != "200" ]]; then
check_success "旧密码登录被拒绝 (预期)"
else
error "旧密码仍然可以登录!"
exit 1
fi
# 新密码登录
step "2.5 验证新密码登录"
RES=$(login_user "$TEMP_USER" "$NEW_PASS")
check_http_code "$RES" "200"
TEMP_TOKEN=$(get_token "$RES") # 更新 Token
check_success "新密码登录成功"
# Token 刷新
step "2.6 验证 Token 刷新"
REFRESH_TOKEN=$(get_refresh_token "$RES")
RES=$(api_post "/api/auth/refresh" "{\"refresh_token\": \"$REFRESH_TOKEN\"}" "")
check_http_code "$RES" "200"
NEW_ACCESS=$(echo "$RES" | jq -r '.access_token')
if [ -n "$NEW_ACCESS" ] && [ "$NEW_ACCESS" != "null" ]; then
check_success "Token 刷新成功"
else
error "Token 刷新失败"
exit 1
fi
# 登出
step "2.7 验证登出"
RES=$(api_post "/api/auth/logout" "{}" "$TEMP_TOKEN")
check_http_code "$RES" "200"
check_success "登出成功"
test_end