security: sanitize internal infrastructure details from open source package

- Remove production_test_sequence.sh (DAW-specific production tests) - Remove setup_env.sh (obsolete .env setup, replaced by furt.conf) - Sanitize test scripts: replace dragons-at-work.de with example.com - Sanitize API keys: replace dev keys with placeholder values - Remove hardcoded DAW fallbacks from http_server.lua and smtp.lua - Update .gitignore to exclude production-specific test files Tests remain functional for developers with example domains. All internal DAW infrastructure details removed from package. Closes #101
2025-09-07 21:25:25 +02:00 · 2025-09-07 21:25:25 +02:00 · 08b49d3d75
commit 08b49d3d75
parent baa2490bbe
11 changed files with 77 additions and 259 deletions
--- a/scripts/stress_test.sh
+++ b/scripts/stress_test.sh
@ -4,7 +4,7 @@

 BASE_URL="http://127.0.0.1:8080"
 # Use correct API keys that match current .env
-API_KEY="hugo-dev-key-change-in-production"
+API_KEY="YOUR_API_KEY_HERE"

 echo "⚡ Furt API Stress Test"
 echo "======================"
@ -20,9 +20,9 @@ for i in {1..20}; do
    response=$(curl -s -w "%{http_code}" \
        -H "X-API-Key: $API_KEY" \
        "$BASE_URL/v1/auth/status")
-    
+
    status=$(echo "$response" | tail -c 4)
-    
+
    if [ "$status" == "200" ]; then
        rate_limit_remaining=$(echo "$response" | head -n -1 | jq -r '.rate_limit_remaining // "N/A"' 2>/dev/null)
        echo "Request $i: ✅ 200 OK (Rate limit remaining: $rate_limit_remaining)"
@ -33,7 +33,7 @@ for i in {1..20}; do
    else
        echo "Request $i: ❌ $status Error"
    fi
-    
+
    # Small delay to prevent overwhelming
    sleep 0.1
 done
@ -58,10 +58,10 @@ for i in {1..10}; do
            -H "X-API-Key: $API_KEY" \
            "$BASE_URL/health")
        local_end=$(date +%s.%N)
-        
+
        status=$(echo "$response" | tail -c 4)
        duration=$(echo "$local_end - $local_start" | bc -l)
-        
+
        echo "Concurrent $i: Status $status, Duration ${duration}s" > "$temp_dir/result_$i"
    } &
 done
@ -85,18 +85,18 @@ mail_errors=0

 for i in {1..5}; do
    start_time=$(date +%s.%N)
-    
+
    response=$(curl -s -w "%{http_code}" \
        -H "X-API-Key: $API_KEY" \
        -H "Content-Type: application/json" \
        -d "{\"name\":\"Stress Test $i\",\"email\":\"test$i@example.com\",\"subject\":\"Performance Test\",\"message\":\"Load test message $i\"}" \
        "$BASE_URL/v1/mail/send")
-    
+
    end_time=$(date +%s.%N)
    duration=$(echo "$end_time - $start_time" | bc -l)
-    
+
    status=$(echo "$response" | tail -c 4)
-    
+
    if [ "$status" == "200" ]; then
        echo "Mail $i: ✅ 200 OK (${duration}s)"
        ((mail_success++))
@ -104,7 +104,7 @@ for i in {1..5}; do
        echo "Mail $i: ❌ Status $status (${duration}s)"
        ((mail_errors++))
    fi
-    
+
    # Delay between mail sends to be nice to SMTP server
    sleep 1
 done
@ -120,7 +120,7 @@ mixed_success=0

 for i in {1..15}; do
    ((mixed_total++))
-    
+
    if [ $((i % 3)) -eq 0 ]; then
        # Every 3rd request: auth status
        endpoint="/v1/auth/status"
@ -128,20 +128,20 @@ for i in {1..15}; do
        # Other requests: health check
        endpoint="/health"
    fi
-    
+
    response=$(curl -s -w "%{http_code}" \
        -H "X-API-Key: $API_KEY" \
        "$BASE_URL$endpoint")
-    
+
    status=$(echo "$response" | tail -c 4)
-    
+
    if [ "$status" == "200" ]; then
        echo "Mixed $i ($endpoint): ✅ 200 OK"
        ((mixed_success++))
    else
        echo "Mixed $i ($endpoint): ❌ $status"
    fi
-    
+
    sleep 0.2
 done