Kwaku Danso
3f8bc58ca9
Phase 1 — Core API (Go): - Events, guests, tokens, RSVPs CRUD on PostgreSQL via pgx/v5 - HMAC-signed per-guest tokens with format validation - Health endpoint with DB ping, slog JSON logging, graceful shutdown Phase 2 — NATS + Fraud Engine: - NATS JetStream pub/sub with explicit-ack consumers - Python/FastAPI fraud engine with heuristic risk scoring (fingerprint mismatch, IP change, missing signals, repeated access) - gRPC sync scoring with 250ms fail-open timeout - Per-guest baseline tracking; risk bands low/medium/high/block Phase 3 — Notifications + Frontend: - Notification worker scaffolding (Twilio/SES stubs, retry/backoff) - Nuxt 3 frontend with Tailwind dark theme + brand green - Live monitor via WebSocket with auto-reconnect - Activity history endpoint backfills monitor with RSVPs + scored access checks (including blocked attempts) UX polish: - Marketing-friendly landing page (hero mockup, how-it-works, features, use cases, testimonials, FAQ, final CTA) - Animated layered card mockups on landing + new-event page - Plus-ones stepper, RSVP status badges, filter buttons - Friendly access-check labels (Verified/Review/Suspicious/Blocked) - Dashboard hydration fix via ClientOnly wrapper Infrastructure: - docker-compose for full local dev (postgres, nats, api, fraud-engine, notifier, frontend) - Multi-stage Dockerfiles, non-root UID 1000 - Integration tests with testcontainers-go Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
49 lines
1.1 KiB
Go
49 lines
1.1 KiB
Go
package auth
|
|
|
|
import (
|
|
"strings"
|
|
"testing"
|
|
)
|
|
|
|
func TestGenerate_ProducesDistinctTokens(t *testing.T) {
|
|
g := NewGenerator()
|
|
seen := make(map[string]struct{})
|
|
for i := 0; i < 100; i++ {
|
|
raw, hash, err := g.Generate()
|
|
if err != nil {
|
|
t.Fatalf("generate: %v", err)
|
|
}
|
|
if !strings.HasPrefix(raw, "tk_") {
|
|
t.Errorf("expected tk_ prefix, got %q", raw)
|
|
}
|
|
if len(hash) != 64 {
|
|
t.Errorf("expected 64-char hex hash, got %d", len(hash))
|
|
}
|
|
if _, dup := seen[raw]; dup {
|
|
t.Fatal("duplicate token generated")
|
|
}
|
|
seen[raw] = struct{}{}
|
|
}
|
|
}
|
|
|
|
func TestHashToken_Stable(t *testing.T) {
|
|
if HashToken("tk_abc") != HashToken("tk_abc") {
|
|
t.Fatal("expected deterministic hash")
|
|
}
|
|
if HashToken("tk_abc") == HashToken("tk_xyz") {
|
|
t.Fatal("expected distinct hashes for distinct inputs")
|
|
}
|
|
}
|
|
|
|
func TestValidateFormat(t *testing.T) {
|
|
if err := ValidateFormat("tk_" + strings.Repeat("a", 40)); err != nil {
|
|
t.Errorf("expected valid, got %v", err)
|
|
}
|
|
if err := ValidateFormat("not-a-token"); err == nil {
|
|
t.Error("expected error for missing prefix")
|
|
}
|
|
if err := ValidateFormat("tk_short"); err == nil {
|
|
t.Error("expected error for too-short token")
|
|
}
|
|
}
|