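// auth_handler_test.go tests the auth handler endpoints that survived the
// Ory Kratos migration: GET /me/ and PUT/PATCH /profile/.
// Login, register, logout, forgot-password, and social sign-in are now
// handled by Kratos.
//
// NOTE(review): every route in this file is mounted behind
// testutil.MockAuthMiddleware, so these tests cover handler behaviour for an
// already-authenticated user only. Rejection of missing or invalid sessions
// has to be tested against the real middleware. PATCH /profile/ is named
// above, but only PUT is exercised here.
package handlers

import (
	"encoding/json"
	"net/http"
	"testing"
	"time"

	"github.com/labstack/echo/v4"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"

	"github.com/treytartt/honeydue-api/internal/config"
	"github.com/treytartt/honeydue-api/internal/dto/requests"
	"github.com/treytartt/honeydue-api/internal/repositories"
	"github.com/treytartt/honeydue-api/internal/services"
	"github.com/treytartt/honeydue-api/internal/testutil"
)

// setupAuthHandler builds an AuthHandler on top of a fresh test database and
// returns it together with a test router and the backing user repository.
//
// The database handle itself is not returned, so tests that seed users with
// testutil.CreateTestUser build their own fixtures instead of calling this.
func setupAuthHandler(t *testing.T) (*AuthHandler, *echo.Echo, *repositories.UserRepository) {
	t.Helper()

	db := testutil.SetupTestDB(t)
	userRepo := repositories.NewUserRepository(db)
	cfg := &config.Config{
		Security: config.SecurityConfig{
			// Fixed fixture value for tests only.
			SecretKey:            "test-secret-key",
			PasswordResetExpiry:  15 * time.Minute,
			ConfirmationExpiry:   24 * time.Hour,
			MaxPasswordResetRate: 3,
		},
	}
	authService := services.NewAuthService(userRepo, cfg)
	handler := NewAuthHandler(authService, nil, nil) // No email or cache for tests
	e := testutil.SetupTestRouter()
	return handler, e, userRepo
}

// TestAuthHandler_CurrentUser checks that GET /me/ returns the username and
// email of the user supplied by the auth middleware.
//
// The user, repository and handler all share one test database. Earlier
// revisions also built two further databases and a second handler that no
// request ever reached.
func TestAuthHandler_CurrentUser(t *testing.T) {
	db := testutil.SetupTestDB(t)
	userRepo := repositories.NewUserRepository(db)
	authService := services.NewAuthService(userRepo, &config.Config{})
	handler := NewAuthHandler(authService, nil, nil)
	e := testutil.SetupTestRouter()

	user := testutil.CreateTestUser(t, db, "metest2", "me2@test.com", "")
	user.FirstName = "Test"
	user.LastName = "User"
	require.NoError(t, userRepo.Update(user))

	// The mock middleware stands in for the real session check; presumably it
	// places user on the request context without validating "test-token".
	authGroup := e.Group("/api/auth")
	authGroup.Use(testutil.MockAuthMiddleware(user))
	authGroup.GET("/me/", handler.CurrentUser)

	t.Run("get current user", func(t *testing.T) {
		w := testutil.MakeRequest(e, "GET", "/api/auth/me/", nil, "test-token")

		testutil.AssertStatusCode(t, w, http.StatusOK)

		var response map[string]interface{}
		err := json.Unmarshal(w.Body.Bytes(), &response)
		require.NoError(t, err)

		assert.Equal(t, "metest2", response["username"])
		assert.Equal(t, "me2@test.com", response["email"])
		// NOTE(review): the first and last name persisted above are never
		// asserted; add checks once the /me/ response keys are confirmed.
	})
}

// TestAuthHandler_UpdateProfile checks that PUT /profile/ applies the supplied
// first and last name and echoes them back in the response.
func TestAuthHandler_UpdateProfile(t *testing.T) {
	db := testutil.SetupTestDB(t)
	userRepo := repositories.NewUserRepository(db)
	authService := services.NewAuthService(userRepo, &config.Config{})
	handler := NewAuthHandler(authService, nil, nil)
	e := testutil.SetupTestRouter()

	user := testutil.CreateTestUser(t, db, "updatetest", "update@test.com", "")

	// Authentication is mocked here as well, so only the authenticated path of
	// the handler is exercised.
	authGroup := e.Group("/api/auth")
	authGroup.Use(testutil.MockAuthMiddleware(user))
	authGroup.PUT("/profile/", handler.UpdateProfile)

	t.Run("update first and last name", func(t *testing.T) {
		firstName := "Updated"
		lastName := "Name"
		req := requests.UpdateProfileRequest{
			FirstName: &firstName,
			LastName:  &lastName,
		}

		w := testutil.MakeRequest(e, "PUT", "/api/auth/profile/", req, "test-token")

		testutil.AssertStatusCode(t, w, http.StatusOK)

		var response map[string]interface{}
		err := json.Unmarshal(w.Body.Bytes(), &response)
		require.NoError(t, err)

		assert.Equal(t, "Updated", response["first_name"])
		assert.Equal(t, "Name", response["last_name"])
		// NOTE(review): nothing here checks that fields absent from the
		// request (username, email) are left unchanged, or that only the
		// authenticated user's record is modified.
	})
}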