2026-05-02 13:02:38 +08:00

58 lines
1.2 KiB
Go

package service
import (
"testing"
"time"
)
func TestHashPasswordAndCheckPassword(t *testing.T) {
hash, err := HashPassword("admin123")
if err != nil {
t.Fatalf("hash password: %v", err)
}
if !CheckPassword(hash, "admin123") {
t.Fatal("expected password to match")
}
if CheckPassword(hash, "wrong-password") {
t.Fatal("expected wrong password to fail")
}
}
func TestAccessTokenRoundTrip(t *testing.T) {
auth := NewAuthService("test-secret", time.Minute)
token, _, err := auth.GenerateAccessToken(7, "admin", []string{"user:view", "user:create"})
if err != nil {
t.Fatalf("generate token: %v", err)
}
claims, err := auth.ParseAccessToken(token)
if err != nil {
t.Fatalf("parse token: %v", err)
}
if claims.UserID != 7 || claims.Username != "admin" {
t.Fatalf("unexpected claims: %#v", claims)
}
if len(claims.Permissions) != 2 {
t.Fatalf("unexpected permissions: %#v", claims.Permissions)
}
}
func TestRefreshTokenHash(t *testing.T) {
token, hash, err := NewRefreshToken()
if err != nil {
t.Fatalf("new refresh token: %v", err)
}
if token == "" || hash == "" {
t.Fatal("expected token and hash")
}
if HashToken(token) != hash {
t.Fatal("expected stable refresh token hash")
}
}