188-template-179
/
mini-starter
Fork de 155-template-138/mini-starter


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349
							import { describe, it, expect, beforeEach } from 'vitest';
import { testClient } from 'hono/testing';
import {
  IntegrationTestDatabase,
  setupIntegrationDatabaseHooksWithEntities,
} from '@d8d/shared-test-util';
import { Role, UserEntity, UserService } from '@d8d/core-module/user-module';
import { File } from '@d8d/core-module/file-module';
import { Company } from '@d8d/allin-company-module/entities';
import { Platform } from '@d8d/allin-platform-module/entities';
import {
  DisabledPerson,
  DisabledBankCard,
  DisabledPhoto,
  DisabledRemark,
  DisabledVisit
} from '@d8d/allin-disability-module/entities';
import { BankName } from '@d8d/bank-names-module/entities';
import { EmploymentOrder, OrderPerson, OrderPersonAsset } from '@d8d/allin-order-module/entities';
import { talentAuthRoutes } from '../../src/routes/index';
import { AuthService } from '../../src/services/index';
import { DisabledStatus, UserType } from '@d8d/shared-types';
import { TestDataFactory } from '../utils/test-data-factory';

// 设置集成测试钩子，包含残疾人实体和公司实体（UserEntity依赖Company）
setupIntegrationDatabaseHooksWithEntities([
  UserEntity, Role, File,
  DisabledPerson, DisabledBankCard, DisabledPhoto, DisabledRemark, DisabledVisit,
  Company, Platform, BankName, EmploymentOrder, OrderPerson, OrderPersonAsset
])

describe('人才用户认证API集成测试', () => {
  let client: ReturnType<typeof testClient<typeof talentAuthRoutes>>;
  let authService: AuthService;
  let userService: UserService;
  let testToken: string;
  let testUser: any;
  let testPerson: any;
  let testIdCard: string;
  let testDisabilityId: string;

  beforeEach(async () => {
    // 创建测试客户端
    client = testClient(talentAuthRoutes);

    // 获取数据源
    const dataSource = await IntegrationTestDatabase.getDataSource();

    // 确保数据源已初始化
    if (!dataSource.isInitialized) {
      await dataSource.initialize();
    }

    // 初始化服务
    userService = new UserService(dataSource);
    authService = new AuthService(userService);

    // 创建测试人才用户（包含残疾人记录）
    const talentData = await TestDataFactory.createTestTalentUser(
      dataSource,
      {
        username: 'talent_user',
        password: 'TalentPass123!',
        email: 'talent@example.com',
        phone: '13800138001'
      },
      {
        name: '张三',
        idCard: '110101199001011234',
        disabilityId: 'D12345678',
        phone: '13800138001'
      }
    );

    testUser = talentData.user;
    testPerson = talentData.person;
    testIdCard = testPerson.idCard;
    testDisabilityId = testPerson.disabilityId;

    // 生成测试用户的token
    testToken = authService.generateToken(testUser);
  });

  describe('人才用户登录端点测试 (POST /auth/login)', () => {
    it('应该使用身份证号和正确密码成功登录', async () => {
      const loginData = {
        identifier: testIdCard,
        password: 'TalentPass123!'
      };

      const response = await client.login.$post({
        json: loginData
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const responseData = await response.json();
        expect(responseData).toHaveProperty('token');
        expect(responseData).toHaveProperty('user');
        expect(responseData.user.username).toBe('talent_user');
        expect(responseData.user.userType).toBe(UserType.TALENT);
        expect(responseData.user.personId).toBe(testPerson.id);
        expect(responseData.user.personInfo).toBeDefined();
        expect(responseData.user.personInfo.name).toBe('张三');
        expect(responseData.user.personInfo.idCard).toBe(testIdCard);
        expect(typeof responseData.token).toBe('string');
        expect(responseData.token.length).toBeGreaterThan(0);
      }
    });

    it('应该使用残疾证号和正确密码成功登录', async () => {
      const loginData = {
        identifier: testDisabilityId,
        password: 'TalentPass123!'
      };

      const response = await client.login.$post({
        json: loginData
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const responseData = await response.json();
        expect(responseData).toHaveProperty('token');
        expect(responseData).toHaveProperty('user');
        expect(responseData.user.username).toBe('talent_user');
        expect(responseData.user.personInfo).toBeDefined();
        expect(responseData.user.personInfo.disabilityId).toBe(testDisabilityId);
      }
    });

    it('应该拒绝错误密码的登录', async () => {
      const loginData = {
        identifier: testIdCard,
        password: 'WrongPassword123!'
      };

      const response = await client.login.$post({
        json: loginData
      });

      expect(response.status).toBe(401);
      if (response.status === 401) {
        const responseData = await response.json();
        expect(responseData.message).toContain('身份证号或密码错误');
      }
    });

    it('应该拒绝不存在的身份证号登录', async () => {
      const loginData = {
        identifier: '999999999999999999',
        password: 'TalentPass123!'
      };

      const response = await client.login.$post({
        json: loginData
      });

      expect(response.status).toBe(401);
      if (response.status === 401) {
        const responseData = await response.json();
        expect(responseData.message).toContain('身份证号或密码错误');
      }
    });

    it('应该拒绝非人才用户登录（用户类型不是talent）', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      // 创建非人才用户
      await TestDataFactory.createTestUser(dataSource, {
        username: 'non_talent_user',
        password: 'Password123!',
        email: 'non_talent@example.com',
        phone: '13800138002',
        userType: UserType.ADMIN,
        personId: testPerson.id  // 关联残疾人记录但用户类型不是talent
      });

      const loginData = {
        identifier: testIdCard,
        password: 'Password123!'
      };

      const response = await client.login.$post({
        json: loginData
      });

      expect(response.status).toBe(401);
      if (response.status === 401) {
        const responseData = await response.json();
        // 由于getTalentUserByIdentifier只查询TALENT类型用户，非人才用户会被视为不存在
        // 这是更安全的做法，不透露用户存在性信息
        expect(responseData.message).toContain('身份证号或密码错误');
      }
    });

    it('应该拒绝禁用账户的登录', async () => {
      // 禁用测试用户
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const userRepository = dataSource.getRepository(UserEntity);
      await userRepository.update(testUser.id, { isDisabled: DisabledStatus.DISABLED });

      const loginData = {
        identifier: testIdCard,
        password: 'TalentPass123!'
      };

      const response = await client.login.$post({
        json: loginData
      });

      expect(response.status).toBe(401);
      if (response.status === 401) {
        const responseData = await response.json();
        expect(responseData.message).toContain('账户已禁用');
      }
    });
  });

  describe('人才用户信息端点测试 (GET /auth/me)', () => {
    it('应该成功获取人才用户信息，包含残疾人详细信息', async () => {
      const response = await client.me.$get({},{
        headers: {
          Authorization: `Bearer ${testToken}`
        }
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const responseData = await response.json();
        expect(responseData.username).toBe('talent_user');
        expect(responseData.userType).toBe(UserType.TALENT);
        expect(responseData.personId).toBe(testPerson.id);
        expect(responseData.personInfo).toBeDefined();
        expect(responseData.personInfo.name).toBe('张三');
        expect(responseData.personInfo.idCard).toBe(testIdCard);
        expect(responseData.personInfo.disabilityId).toBe(testDisabilityId);
        expect(responseData.personInfo.phone).toBe('13800138001');
      }
    });

    it('应该拒绝无效令牌的访问', async () => {
      const response = await client.me.$get({},{
        headers: {
          Authorization: 'Bearer invalid_token'
        }
      });

      expect(response.status).toBe(401);
    });

    it('应该拒绝缺少令牌的访问', async () => {
      const response = await client.me.$get();

      expect(response.status).toBe(401);
    });
  });

  describe('人才用户退出登录端点测试 (POST /auth/logout)', () => {
    it('应该成功退出登录', async () => {
      const response = await client.logout.$post({},{
        headers: {
          Authorization: `Bearer ${testToken}`
        }
      });

      expect(response.status).toBe(200);
      if (response.status === 200) {
        const responseData = await response.json();
        expect(responseData.message).toBe('登出成功');
      }
    });

    it('应该拒绝无效令牌的退出登录', async () => {
      const response = await client.logout.$post({},{
        headers: {
          Authorization: 'Bearer invalid_token'
        }
      });

      expect(response.status).toBe(401);
    });
  });

  describe('人才用户权限验证', () => {
    it('verifyTalentUser方法应该正确识别人才用户', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const userService = new UserService(dataSource);
      const authService = new AuthService(userService);

      const isTalentUser = await authService.verifyTalentUser(testUser.id);
      expect(isTalentUser).toBe(true);

      // 创建非人才用户测试
      const nonTalentUserData = await TestDataFactory.createTestUser(dataSource, {
        username: 'non_talent_user2',
        password: 'Password123!',
        email: 'non_talent2@example.com',
        phone: '13800138003',
        userType: UserType.ADMIN
      });

      const isNonTalentUser = await authService.verifyTalentUser(nonTalentUserData.id);
      expect(isNonTalentUser).toBe(false);
    });
  });

  describe('数据查询方法测试', () => {
    it('getDisabledPersonByIdentifier应该能通过身份证号查询残疾人', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const userService = new UserService(dataSource);

      const person = await userService.getDisabledPersonByIdentifier(testIdCard);
      expect(person).toBeDefined();
      expect(person?.id).toBe(testPerson.id);
      expect(person?.name).toBe('张三');
    });

    it('getDisabledPersonByIdentifier应该能通过残疾证号查询残疾人', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const userService = new UserService(dataSource);

      const person = await userService.getDisabledPersonByIdentifier(testDisabilityId);
      expect(person).toBeDefined();
      expect(person?.id).toBe(testPerson.id);
      expect(person?.name).toBe('张三');
    });

    it('getUserByPersonId应该能通过person_id查询用户', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const userService = new UserService(dataSource);

      const user = await userService.getUserByPersonId(testPerson.id);
      expect(user).toBeDefined();
      expect(user?.id).toBe(testUser.id);
      expect(user?.username).toBe('talent_user');
    });

    it('getTalentUserByIdentifier应该能通过身份证号查询完整人才用户信息', async () => {
      const dataSource = await IntegrationTestDatabase.getDataSource();
      const userService = new UserService(dataSource);

      const user = await userService.getTalentUserByIdentifier(testIdCard);
      expect(user).toBeDefined();
      expect(user?.id).toBe(testUser.id);
      expect(user?.personId).toBe(testPerson.id);
      expect(user?.userType).toBe(UserType.TALENT);
    });
  });
});