library-picturebook-activity/java-frontend/tests/specs/auth.api.spec.ts
En b805f456a6 feat: 完善后端基础架构和登录功能
- 添加 Lombok 配置支持
- 完善枚举类和常量定义
- 新增工具类(TraceId、限流、OSS 等)
- 添加切面(日志、限流、TraceId)
- 更新数据库索引规范(应用层防重)
- 登录页面样式优化
- 前后端项目文档补充
2026-03-31 13:58:28 +08:00


import { test, expect } from '../fixtures/auth.fixture';
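/**
 * Authentication API tests.
 *
 * Exercises the login, logout and current-user endpoints over HTTP through
 * Playwright's `request` fixture, plus a structural check on the issued token.
 */
test.describe('认证 API 测试', () => {
  // Plain HTTP is used here only because the target is a loopback test server.
  const API_BASE = 'http://localhost:8580';

  // Single definition of the login payload shared by the login tests.
  // NOTE(review): these look like seeded development credentials. Confirm that
  // this account/password pair does not exist in any shared or deployed environment.
  const ADMIN_LOGIN = {
    username: 'admin',
    password: 'admin123',
    tenantCode: 'platform',
  };

  test.describe('登录接口', () => {
    test('TC-AUTH-001: 登录接口 - 成功', async ({ request }) => {
      const response = await request.post(`${API_BASE}/api/auth/login`, {
        data: ADMIN_LOGIN,
      });

      expect(response.ok()).toBeTruthy();

      const data = await response.json();
      expect(data.code).toBe(200);
      expect(data.data.token).toBeTruthy();
      expect(data.data.user).toBeTruthy();
      expect(data.data.user.tenantCode).toBe(ADMIN_LOGIN.tenantCode);
      expect(data.data.user.username).toBe(ADMIN_LOGIN.username);
      // The user object sent to the client should not echo the password or its hash.
      // NOTE(review): the field name `password` is assumed. Confirm against the response DTO.
      expect(data.data.user.password).toBeFalsy();

      console.log('✓ TC-AUTH-001 通过:登录接口成功');
    });

    test('TC-AUTH-001: 登录接口 - 返回用户角色和权限', async ({ request }) => {
      const response = await request.post(`${API_BASE}/api/auth/login`, {
        data: ADMIN_LOGIN,
      });

      // Fail with a clear assertion if login itself failed, instead of a
      // TypeError when dereferencing `data.data.user` below.
      expect(response.ok()).toBeTruthy();

      const data = await response.json();
      expect(data.code).toBe(200);

      // The login response must carry roles and permissions, both as arrays.
      expect(data.data.user).toBeTruthy();
      expect(data.data.user.roles).toBeTruthy();
      expect(data.data.user.permissions).toBeTruthy();
      expect(Array.isArray(data.data.user.roles)).toBeTruthy();
      expect(Array.isArray(data.data.user.permissions)).toBeTruthy();

      console.log('✓ 登录接口返回角色和权限');
    });
  });

  test.describe('登出接口', () => {
    test('TC-AUTH-002: 登出接口 - 成功', async ({ request, loginViaAPI }) => {
      // Log in first to obtain a token.
      const { token } = await loginViaAPI('platform');

      // Perform the logout with that token.
      const response = await request.post(`${API_BASE}/api/auth/logout`, {
        headers: {
          Authorization: `Bearer ${token}`,
        },
      });

      const data = await response.json();
      expect(data.code).toBe(200);
      // NOTE(review): this only checks that logout reports success. It does not
      // verify that the token is rejected afterwards. Add a follow-up request
      // with the same token once the intended revocation behavior is confirmed.

      console.log('✓ TC-AUTH-002 通过:登出接口成功');
    });

    test('TC-AUTH-002: 登出接口 - Token 无效', async ({ request }) => {
      // Attempt a logout with a token that was never issued.
      const response = await request.post(`${API_BASE}/api/auth/logout`, {
        headers: {
          Authorization: 'Bearer invalid-token',
        },
      });

      const data = await response.json();

      // An error is expected.
      // NOTE(review): any non-200 code passes, including a server error. Pin the
      // exact unauthorized code once the API contract is confirmed.
      expect(data.code).not.toBe(200);

      console.log('✓ 登出接口 - Token 无效场景');
    });
  });

  test.describe('获取当前用户信息接口', () => {
    test('TC-AUTH-003: 获取当前用户信息 - 成功', async ({ request, loginViaAPI }) => {
      // Log in first to obtain a token.
      const { token } = await loginViaAPI('platform');

      // Fetch the current user's profile.
      const response = await request.get(`${API_BASE}/api/auth/me`, {
        headers: {
          Authorization: `Bearer ${token}`,
        },
      });

      expect(response.ok()).toBeTruthy();

      const data = await response.json();
      expect(data.code).toBe(200);
      expect(data.data.username).toBe('admin');
      expect(data.data.tenantCode).toBe('platform');

      console.log('✓ TC-AUTH-003 通过:获取当前用户信息成功');
    });

    test('TC-AUTH-003: 获取当前用户信息 - 未授权', async ({ request }) => {
      // Request without any token.
      const response = await request.get(`${API_BASE}/api/auth/me`);

      // Expect 401 or another unauthorized error.
      // NOTE(review): any non-200 code passes, including a server error. Pin the
      // exact unauthorized code once the API contract is confirmed.
      const data = await response.json();
      expect(data.code).not.toBe(200);
      // A rejected request must not carry user data in its body.
      expect(data.data?.username).toBeUndefined();

      console.log('✓ 获取当前用户信息 - 未授权场景');
    });

    test('TC-AUTH-003: 获取当前用户信息 - 返回完整用户信息', async ({ request, loginViaAPI }) => {
      const { token } = await loginViaAPI('platform');

      const response = await request.get(`${API_BASE}/api/auth/me`, {
        headers: {
          Authorization: `Bearer ${token}`,
        },
      });

      // Fail with a clear assertion if the call was rejected, instead of a
      // TypeError when dereferencing `data.data` below.
      expect(response.ok()).toBeTruthy();

      const data = await response.json();
      expect(data.code).toBe(200);

      // Verify the returned fields.
      expect(data.data.id).toBeTruthy();
      expect(data.data.username).toBeTruthy();
      expect(data.data.nickname).toBeTruthy();
      expect(data.data.roles).toBeTruthy();
      expect(data.data.permissions).toBeTruthy();
      // The profile should not expose the password or its hash.
      // NOTE(review): the field name `password` is assumed. Confirm against the response DTO.
      expect(data.data.password).toBeFalsy();

      console.log('✓ 获取用户信息返回完整字段');
    });
  });

  test.describe('Token 验证', () => {
    test('Token 包含租户信息', async ({ loginViaAPI }) => {
      const { token } = await loginViaAPI('platform');

      // Verify the token has the JWT shape (three dot-separated segments).
      // NOTE(review): the title says the token carries tenant information, but
      // the payload is never decoded here. Once the claim name is confirmed,
      // assert on the tenant claim.
      expect(token).toBeTruthy();
      expect(token.split('.')).toHaveLength(3);

      console.log('✓ Token 格式正确JWT');
    });

    // Skipped: needs data for more than one tenant.
    // NOTE(review): cross-tenant token isolation is the core access-control
    // property of this API and is currently untested.
    test.skip('不同租户的 Token 隔离', async () => {
      console.log('跳过:不同租户的 Token 隔离(需要多个租户数据)');
    });
  });
});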