Migrate backend auth to cookies

2025-11-06 07:54:22 +00:00 · 2024-12-05 21:56:35 +01:00
parent b4528c1561
commit de9e9102db
17 changed files with 237 additions and 198 deletions
--- a/server/internal/auth/jwt_test.go
+++ b/server/internal/auth/jwt_test.go
@@ -5,8 +5,6 @@ import (
 	"time"

 	"novamd/internal/auth"
-
-	"github.com/golang-jwt/jwt/v5"
 )

 // jwt_test.go tests
@@ -136,86 +134,3 @@ func TestGenerateAndValidateToken(t *testing.T) {
 		})
 	}
 }
-
-func TestRefreshAccessToken(t *testing.T) {
-	config := auth.JWTConfig{
-		SigningKey:         "test-key",
-		AccessTokenExpiry:  15 * time.Minute,
-		RefreshTokenExpiry: 24 * time.Hour,
-	}
-	service, _ := auth.NewJWTService(config)
-
-	testCases := []struct {
-		name      string
-		userID    int
-		role      string
-		wantErr   bool
-		setupFunc func() string // Added setup function to handle custom token creation
-	}{
-		{
-			name:    "valid refresh token",
-			userID:  1,
-			role:    "admin",
-			wantErr: false,
-			setupFunc: func() string {
-				token, _ := service.GenerateRefreshToken(1, "admin")
-				return token
-			},
-		},
-		{
-			name:    "expired refresh token",
-			userID:  1,
-			role:    "admin",
-			wantErr: true,
-			setupFunc: func() string {
-				// Create a token that's already expired
-				claims := &auth.Claims{
-					RegisteredClaims: jwt.RegisteredClaims{
-						ExpiresAt: jwt.NewNumericDate(time.Now().Add(-time.Hour)), // Expired 1 hour ago
-						IssuedAt:  jwt.NewNumericDate(time.Now().Add(-2 * time.Hour)),
-						NotBefore: jwt.NewNumericDate(time.Now().Add(-2 * time.Hour)),
-					},
-					UserID: 1,
-					Role:   "admin",
-					Type:   auth.RefreshToken,
-				}
-				token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-				tokenString, _ := token.SignedString([]byte(config.SigningKey))
-				return tokenString
-			},
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			refreshToken := tc.setupFunc()
-			newAccessToken, err := service.RefreshAccessToken(refreshToken)
-
-			if tc.wantErr {
-				if err == nil {
-					t.Error("expected error, got nil")
-				}
-				return
-			}
-
-			if err != nil {
-				t.Fatalf("unexpected error: %v", err)
-			}
-
-			claims, err := service.ValidateToken(newAccessToken)
-			if err != nil {
-				t.Fatalf("failed to validate new access token: %v", err)
-			}
-
-			if claims.UserID != tc.userID {
-				t.Errorf("userID = %v, want %v", claims.UserID, tc.userID)
-			}
-			if claims.Role != tc.role {
-				t.Errorf("role = %v, want %v", claims.Role, tc.role)
-			}
-			if claims.Type != auth.AccessToken {
-				t.Errorf("token type = %v, want %v", claims.Type, auth.AccessToken)
-			}
-		})
-	}
-}