furt/furt-lua/scripts/test_modular.sh
michael 901f5eb2d8 feat(auth): implement complete API-key authentication with modular architecture (#47)
- Add comprehensive API-key authentication system with X-API-Key header validation
- Implement permission-based access control (mail:send, * for admin)
- Add rate-limiting system (60 req/hour per API key, 100 req/hour per IP)
- Refactor monolithic 590-line main.lua into 6 modular components (<200 lines each)
- Add IP-restriction support with CIDR notation (127.0.0.1, 10.0.0.0/8)
- Implement Hugo integration with CORS support for localhost:1313
- Add production-ready configuration with environment variable support
- Create comprehensive testing suite (auth, rate-limiting, stress tests)
- Add production deployment checklist and cleanup scripts

This refactoring transforms the API gateway from a single-file monolith into a
biocodie-compliant modular architecture while adding enterprise-grade security
features. Performance testing shows 79 RPS concurrent throughput with <100ms
latency. Hugo contact form integration tested and working. System is now
production-ready for deployment to walter/aitvaras.

Resolves #47
2025-06-24 22:01:38 +02:00

61 lines
1.9 KiB
Bash

#!/bin/bash
# furt-lua/scripts/test_modular.sh
# Test of the modular Furt architecture

BASE_URL="http://127.0.0.1:8080"
# Development key by default; set HUGO_API_KEY in the environment to override it
HUGO_API_KEY="${HUGO_API_KEY:-hugo-dev-key-change-in-production}"

echo "🧩 Testing Modular Furt Architecture"
echo "===================================="

# Test 1: Module dependencies check
echo -e "\n1⃣ Testing module imports (should not error on startup):"
echo "Starting server in background..."
cd "$(dirname "$0")/.." || exit 1
lua src/main.lua &
SERVER_PID=$!
sleep 2

# kill -0 sends no signal; it only checks that the process is still alive
if kill -0 "$SERVER_PID" 2>/dev/null; then
    echo "✅ Server started successfully - all modules loaded"
else
    echo "❌ Server failed to start - module import error"
    exit 1
fi

# In Tests 2-4 the status line goes to stderr (%{stderr}, curl >= 7.63.0),
# so jq receives only the JSON body and does not fail on "Status: ...".

# Test 2: Public endpoints (no auth)
echo -e "\n2⃣ Testing public endpoints:"
curl -s -w "%{stderr}Status: %{http_code}\n" "$BASE_URL/health" | jq '.features'

# Test 3: Protected endpoints without auth (should fail)
echo -e "\n3⃣ Testing auth protection:"
curl -s -w "%{stderr}Status: %{http_code}\n" \
    -X POST \
    -H "Content-Type: application/json" \
    -d '{"name":"Test","email":"test@example.com","message":"Test"}' \
    "$BASE_URL/v1/mail/send" | jq '.error'

# Test 4: Protected endpoints with auth (should work)
echo -e "\n4⃣ Testing authenticated request:"
curl -s -w "%{stderr}Status: %{http_code}\n" \
    -H "X-API-Key: $HUGO_API_KEY" \
    "$BASE_URL/v1/auth/status" | jq '.'

# Test 5: Rate limiting headers (header names are case-insensitive, hence -i)
echo -e "\n5⃣ Testing rate limit headers:"
curl -s -i -H "X-API-Key: $HUGO_API_KEY" "$BASE_URL/v1/auth/status" | grep -iE "X-RateLimit|HTTP"

# Cleanup
echo -e "\n🧹 Cleanup:"
kill "$SERVER_PID" 2>/dev/null
wait "$SERVER_PID" 2>/dev/null
echo "Server stopped"

echo -e "\n✅ Modular Architecture Test Complete!"
echo "Expected behavior:"
echo "- Test 1: ✅ Server starts without module errors"
echo "- Test 2: ✅ Health endpoint works, shows features"
echo "- Test 3: ❌ 401 Unauthorized (missing API key)"
echo "- Test 4: ✅ 200 OK with auth details"
echo "- Test 5: ✅ Rate limit headers present"
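
The script prints its "Expected behavior" list but never checks it, so a gateway that stops returning 401 for a missing key would still end with "Test Complete". As an added example (not part of the furt repository), the functions below turn Tests 3 and 5 into pass/fail checks over a raw `curl -s -i` response. The sample responses, their bodies and the `X-RateLimit-Remaining` header name are constructed for illustration; only the 401/200 codes and the `X-RateLimit` prefix come from the script.

```shell
#!/bin/bash
# Added example, not furt code: pass/fail checks over a raw `curl -s -i` response.

# Print the status code from the first line of the response.
http_status() {
    printf '%s\n' "$1" | head -n 1 | tr -d '\r' | awk '{print $2}'
}

# Succeed if some header name starts with PREFIX (case-insensitive).
# Only the header section is scanned, so text in the body cannot satisfy it.
has_header_prefix() {
    printf '%s\n' "$1" | tr -d '\r' | awk -v p="$2" '
        NR == 1 { next }   # skip the status line
        /^$/    { exit }   # headers end at the first blank line
        { name = tolower($0); sub(/:.*/, "", name)
          if (index(name, tolower(p)) == 1) found = 1 }
        END { exit !found }'
}

# check NAME RESPONSE EXPECTED_STATUS [HEADER_PREFIX]
check() {
    local name="$1" resp="$2" want="$3" prefix="${4:-}" got
    got=$(http_status "$resp")
    if [ "$got" != "$want" ]; then
        echo "FAIL $name: status $got, expected $want"
        return 1
    fi
    if [ -n "$prefix" ] && ! has_header_prefix "$resp" "$prefix"; then
        echo "FAIL $name: no header starting with $prefix"
        return 1
    fi
    echo "PASS $name"
}

# Constructed sample responses (bodies and exact header names are assumptions).
NOAUTH=$(printf 'HTTP/1.1 401 Unauthorized\r\nContent-Type: application/json\r\n\r\n{"error":"Missing API key"}')
AUTHED=$(printf 'HTTP/1.1 200 OK\r\nContent-Type: application/json\r\nX-RateLimit-Remaining: 59\r\n\r\n{"authenticated":true}')

check "Test 3: request without API key" "$NOAUTH" 401
check "Test 5: rate limit headers" "$AUTHED" 200 X-RateLimit
```

Against a running server, pass `"$(curl -s -i ...)"` as the response argument and exit non-zero when any `check` fails.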