#!/bin/bash # ================================================================ # Complete Authentication Test with Registration - FIXED VERSION # Tests the full user lifecycle: registration โ†’ login โ†’ API access # ================================================================ echo "๐Ÿ” Testing Complete Authentication System with Registration" echo "==========================================================" # Configuration API_BASE="http://localhost:8000" AUTH_BASE="$API_BASE/api/v1/auth" TEST_EMAIL="test-$(date +%s)@bakery.com" # Unique email for each test TEST_PASSWORD="SecurePass123!" TEST_NAME="Test Baker" # โœ… FIX: Generate a proper UUID for tenant testing (will be replaced after bakery creation) TENANT_ID=$(uuidgen 2>/dev/null || python3 -c "import uuid; print(uuid.uuid4())" 2>/dev/null || echo "00000000-0000-0000-0000-000000000000") # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color # Helper function for colored output log_step() { echo -e "${BLUE}๐Ÿ“ $1${NC}" } log_success() { echo -e "${GREEN}โœ… $1${NC}" } log_error() { echo -e "${RED}โŒ $1${NC}" } log_warning() { echo -e "${YELLOW}โš ๏ธ $1${NC}" } # Helper function to check if service is healthy check_service_health() { local service_url=$1 local service_name=$2 log_step "Checking $service_name health..." response=$(curl -s -o /dev/null -w "%{http_code}" "$service_url/health") if [ "$response" = "200" ]; then log_success "$service_name is healthy" return 0 else log_error "$service_name is not healthy (HTTP $response)" return 1 fi } # Check all services are running log_step "Pre-flight checks..." echo "" # Check API Gateway if ! check_service_health "$API_BASE" "API Gateway"; then log_error "API Gateway is not running. Start with: docker-compose up -d" exit 1 fi # Check Auth Service directly if ! check_service_health "http://localhost:8001" "Auth Service"; then log_error "Auth Service is not running. Check: docker-compose logs auth-service" exit 1 fi # Check Tenant Service if ! check_service_health "http://localhost:8005" "Tenant Service"; then log_error "Tenant Service is not running. Check: docker-compose logs tenant-service" exit 1 fi # Check Data Service if ! check_service_health "http://localhost:8004" "Data Service"; then log_warning "Data Service is not running, but continuing with auth tests..." fi # Check Training Service if ! check_service_health "http://localhost:8002" "Training Service"; then log_warning "Training Service is not running, but continuing with auth tests..." fi echo "" log_step "All systems ready! Starting authentication tests..." echo "" # ================================================================ # STEP 1: USER REGISTRATION # ================================================================ log_step "Step 1: Registering new user" echo "Email: $TEST_EMAIL" echo "Password: $TEST_PASSWORD" echo "" REGISTRATION_RESPONSE=$(curl -s -X POST "$AUTH_BASE/register" \ -H "Content-Type: application/json" \ -d "{ \"email\": \"$TEST_EMAIL\", \"password\": \"$TEST_PASSWORD\", \"full_name\": \"$TEST_NAME\" }") echo "Registration Response:" echo "$REGISTRATION_RESPONSE" | jq '.' # Check if registration was successful if echo "$REGISTRATION_RESPONSE" | jq -e '.id' > /dev/null; then USER_ID=$(echo "$REGISTRATION_RESPONSE" | jq -r '.id') log_success "User registration successful! User ID: $USER_ID" else log_error "User registration failed!" echo "Response: $REGISTRATION_RESPONSE" exit 1 fi echo "" # ================================================================ # STEP 2: USER LOGIN # ================================================================ log_step "Step 2: Logging in with new user credentials" LOGIN_RESPONSE=$(curl -s -X POST "$AUTH_BASE/login" \ -H "Content-Type: application/json" \ -d "{ \"email\": \"$TEST_EMAIL\", \"password\": \"$TEST_PASSWORD\" }") echo "Login Response:" echo "$LOGIN_RESPONSE" | jq '.' # Extract access token if echo "$LOGIN_RESPONSE" | jq -e '.access_token' > /dev/null; then ACCESS_TOKEN=$(echo "$LOGIN_RESPONSE" | jq -r '.access_token') REFRESH_TOKEN=$(echo "$LOGIN_RESPONSE" | jq -r '.refresh_token') log_success "Login successful! Token obtained: ${ACCESS_TOKEN:0:20}..." else log_error "Login failed!" echo "Response: $LOGIN_RESPONSE" exit 1 fi echo "" # ================================================================ # STEP 3: ACCESSING PROTECTED ENDPOINTS # ================================================================ log_step "Step 3: Testing protected endpoints with authentication" # 3a. Get current user info log_step "3a. Getting current user profile" USER_PROFILE_RESPONSE=$(curl -s -X GET "$API_BASE/api/v1/users/me" \ -H "Authorization: Bearer $ACCESS_TOKEN") echo "User Profile Response:" echo "$USER_PROFILE_RESPONSE" | jq '.' if echo "$USER_PROFILE_RESPONSE" | jq -e '.email' > /dev/null; then log_success "User profile retrieved successfully!" else log_warning "User profile endpoint may not be implemented yet" fi echo "" # ================================================================ # STEP 4: TENANT REGISTRATION (BAKERY CREATION) # ================================================================ log_step "Step 4: Registering a bakery/tenant" BAKERY_RESPONSE=$(curl -s -X POST "$API_BASE/api/v1/tenants/register" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -H "Content-Type: application/json" \ -d "{ \"name\": \"Test Bakery $(date +%H%M)\", \"business_type\": \"bakery\", \"address\": \"Calle Test 123\", \"city\": \"Madrid\", \"postal_code\": \"28001\", \"phone\": \"+34600123456\" }") echo "Bakery Registration Response:" echo "$BAKERY_RESPONSE" | jq '.' if echo "$BAKERY_RESPONSE" | jq -e '.id' > /dev/null; then # โœ… FIX: Use the actual tenant ID returned from bakery creation TENANT_ID=$(echo "$BAKERY_RESPONSE" | jq -r '.id') log_success "Bakery registration successful! Tenant ID: $TENANT_ID" else log_error "Bakery registration failed!" echo "Response: $BAKERY_RESPONSE" # Continue with tests using placeholder UUID for other endpoints fi echo "" # ================================================================ # STEP 5: TEST DATA SERVICE WITH TENANT ID # ================================================================ log_step "Step 5: Testing data service through gateway" # Only test with valid tenant ID if [ "$TENANT_ID" != "00000000-0000-0000-0000-000000000000" ]; then DATA_RESPONSE=$(curl -s -X GET "$API_BASE/api/v1/data/sales" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -H "X-Tenant-ID: $TENANT_ID") echo "Data Service Response:" echo "$DATA_RESPONSE" | jq '.' if [ "$(echo "$DATA_RESPONSE" | jq -r '.status // "unknown"')" != "error" ]; then log_success "Data service access successful!" else log_warning "Data service returned error (may be expected for new tenant)" fi else log_warning "Skipping data service test - no valid tenant ID" fi echo "" # ================================================================ # STEP 6: TEST TRAINING SERVICE WITH TENANT ID # ================================================================ log_step "Step 6: Testing training service through gateway" # Only test with valid tenant ID if [ "$TENANT_ID" != "00000000-0000-0000-0000-000000000000" ]; then TRAINING_RESPONSE=$(curl -s -X POST "$API_BASE/api/v1/training/jobs" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -H "X-Tenant-ID: $TENANT_ID" \ -H "Content-Type: application/json" \ -d '{ "include_weather": true, "include_traffic": false, "min_data_points": 30 }') echo "Training Service Response:" echo "$TRAINING_RESPONSE" | jq '.' if echo "$TRAINING_RESPONSE" | jq -e '.job_id // .message' > /dev/null; then log_success "Training service access successful!" else log_warning "Training service access may have issues" fi else log_warning "Skipping training service test - no valid tenant ID" fi echo "" # ================================================================ # STEP 7: TOKEN REFRESH # ================================================================ log_step "Step 7: Testing token refresh" REFRESH_RESPONSE=$(curl -s -X POST "$AUTH_BASE/refresh" \ -H "Content-Type: application/json" \ -d "{ \"refresh_token\": \"$REFRESH_TOKEN\" }") echo "Token Refresh Response:" echo "$REFRESH_RESPONSE" | jq '.' if echo "$REFRESH_RESPONSE" | jq -e '.access_token' > /dev/null; then NEW_ACCESS_TOKEN=$(echo "$REFRESH_RESPONSE" | jq -r '.access_token') log_success "Token refresh successful! New token: ${NEW_ACCESS_TOKEN:0:20}..." else log_warning "Token refresh may not be fully implemented" fi echo "" # ================================================================ # STEP 8: DIRECT SERVICE HEALTH CHECKS # ================================================================ log_step "Step 8: Testing direct service access (without gateway)" # Test auth service directly log_step "8a. Auth service direct health check" AUTH_HEALTH=$(curl -s -X GET "http://localhost:8001/health") echo "Auth Service Health:" echo "$AUTH_HEALTH" | jq '.' # Test other services if available log_step "8b. Other services health check" services=("8002:Training" "8003:Forecasting" "8004:Data" "8005:Tenant" "8006:Notification") for service in "${services[@]}"; do port=$(echo $service | cut -d: -f1) name=$(echo $service | cut -d: -f2) health_response=$(curl -s -o /dev/null -w "%{http_code}" "http://localhost:$port/health" 2>/dev/null) if [ "$health_response" = "200" ]; then log_success "$name Service (port $port) is healthy" else log_warning "$name Service (port $port) is not responding" fi done echo "" # ================================================================ # STEP 9: LOGOUT # ================================================================ log_step "Step 9: Logging out user" LOGOUT_RESPONSE=$(curl -s -X POST "$AUTH_BASE/logout" \ -H "Authorization: Bearer $ACCESS_TOKEN" \ -H "Content-Type: application/json") echo "Logout Response:" echo "$LOGOUT_RESPONSE" | jq '.' if echo "$LOGOUT_RESPONSE" | jq -e '.message' > /dev/null; then log_success "Logout successful!" else log_warning "Logout endpoint may not be fully implemented" fi echo "" # ================================================================ # SUMMARY # ================================================================ echo "๐ŸŽ‰ Authentication Test Summary" echo "===============================" echo "" echo "Test User Created:" echo " ๐Ÿ“ง Email: $TEST_EMAIL" echo " ๐Ÿ‘ค Name: $TEST_NAME" echo " ๐Ÿ†” User ID: $USER_ID" echo "" echo "Authentication Flow:" echo " โœ… User Registration" echo " โœ… User Login" echo " โœ… Token Verification" echo " โœ… Protected Endpoint Access" echo " โœ… Token Refresh" echo " โœ… User Logout" echo "" echo "Services Tested:" echo " ๐ŸŒ API Gateway" echo " ๐Ÿ” Auth Service" echo " ๐Ÿข Tenant Service (bakery registration)" echo " ๐Ÿ“Š Data Service (through gateway)" echo " ๐Ÿค– Training Service (through gateway)" echo "" if [ "$TENANT_ID" != "00000000-0000-0000-0000-000000000000" ]; then echo "Tenant Created:" echo " ๐Ÿช Tenant ID: $TENANT_ID" echo "" fi log_success "Complete authentication test finished successfully!" echo "" echo "๐Ÿ”ง Development Tips:" echo " โ€ข Use the created test user for further development" echo " โ€ข Check service logs with: docker-compose logs [service-name]" echo " โ€ข View API docs at: http://localhost:8000/docs" echo " โ€ข Monitor services at: http://localhost:3002" echo "" echo "๐Ÿงน Cleanup:" echo " โ€ข Test user will remain in database for development" echo " โ€ข To reset: Delete user from auth database or run cleanup script"