DAW/furt
2
0
Fork 0
Code Issues 11 Pull requests Projects Releases 3 Packages 1 Wiki Activity Actions
furt/scripts/test_auth.sh
michael be3b9614d0 refactor: clean repository structure for v0.1.0 open source release 
- Remove Go artifacts (cmd/, internal/, pkg/, go.mod)
- Move furt-lua/* content to repository root
- Restructure as clean src/, config/, scripts/, tests/ layout
- Rewrite README.md as practical tool documentation
- Remove timeline references and marketing language
- Clean .gitignore from Go-era artifacts
- Update config/server.lua with example.org defaults
- Add .env.production to .gitignore for security

Repository now ready for open source distribution with minimal,
focused structure and generic configuration templates.
close issue DAW/furt#86
2025-08-14 09:36:55 +02:00

79 lines
2.7 KiB
Bash
Executable file
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
# furt-lua/scripts/test_auth.sh
# Test API-Key-Authentifizierung (ohne jq parse errors)
BASE_URL="http://127.0.0.1:8080"
HUGO_API_KEY="hugo-dev-key-change-in-production"
ADMIN_API_KEY="admin-dev-key-change-in-production"
INVALID_API_KEY="invalid-key-should-fail"
echo "🔐 Testing Furt API-Key Authentication"
echo "======================================"
# Helper function to make clean API calls
make_request() {
local method="$1"
local url="$2"
local headers="$3"
local data="$4"
echo "Request: $method $url"
if [ -n "$headers" ]; then
echo "Headers: $headers"
fi
local response=$(curl -s $method \
${headers:+-H "$headers"} \
${data:+-d "$data"} \
-H "Content-Type: application/json" \
"$url")
local status=$(curl -s -o /dev/null -w "%{http_code}" $method \
${headers:+-H "$headers"} \
${data:+-d "$data"} \
-H "Content-Type: application/json" \
"$url")
echo "Status: $status"
echo "Response: $response" | jq '.' 2>/dev/null || echo "$response"
echo ""
}
# Test 1: Health-Check (public, no auth needed)
echo "1⃣ Public Health Check (no auth required):"
make_request "-X GET" "$BASE_URL/health"
# Test 2: No API-Key -> 401
echo "2⃣ Mail without API-Key (should fail with 401):"
make_request "-X POST" "$BASE_URL/v1/mail/send" "" '{"name":"Test","email":"test@example.com","message":"Test"}'
# Test 3: Invalid API-Key -> 401
echo "3⃣ Mail with invalid API-Key (should fail with 401):"
make_request "-X POST" "$BASE_URL/v1/mail/send" "X-API-Key: $INVALID_API_KEY" '{"name":"Test","email":"test@example.com","message":"Test"}'
# Test 4: Valid API-Key -> 200 (or SMTP error)
echo "4⃣ Mail with valid Hugo API-Key (should work):"
make_request "-X POST" "$BASE_URL/v1/mail/send" "X-API-Key: $HUGO_API_KEY" '{
"name": "Test User",
"email": "test@example.com",
"subject": "API Auth Test",
"message": "This is a test message via authenticated API"
}'
# Test 5: Auth Status Check
echo "5⃣ Auth Status Check with Hugo API-Key:"
make_request "-X GET" "$BASE_URL/v1/auth/status" "X-API-Key: $HUGO_API_KEY"
# Test 6: Auth Status with Admin API-Key
echo "6⃣ Auth Status Check with Admin API-Key:"
make_request "-X GET" "$BASE_URL/v1/auth/status" "X-API-Key: $ADMIN_API_KEY"
echo "✅ Auth Testing Complete!"
echo ""
echo "Expected Results:"
echo "- Test 1: ✅ 200 OK (health check)"
echo "- Test 2: ❌ 401 Unauthorized (Missing API-Key)"
echo "- Test 3: ❌ 401 Unauthorized (Invalid API-Key)"
echo "- Test 4: ✅ 200 OK (Valid API-Key) or 500 if SMTP not configured"
echo "- Test 5,6: ✅ 200 OK with auth details"
Reference in a new issue View git blame Copy permalink