arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

🧪 test: add JWT edge case scenarios with validation endpoint

Browse Source 
- Add expired JWT token scenario

- Add wrong secret JWT token scenario

- Add malformed JWT token scenario

- Implement /api/v1/auth/validate endpoint

- Add JWT parsing and validation to BDD steps

Generated by Mistral Vibe.

Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
This commit is contained in:
Gabriel Radureau
2026-04-07 18:21:56 +02:00
parent 81e0afe1c7
commit f39a0df338
15 changed files with 1012 additions and 405 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
adr/0019-postgresql-integration.md
View File

@@ -206,9 +206,10 @@ The PostgreSQL integration follows established DanceLessonsCoach patterns:
- Add PostgreSQL-specific connection management
3. **Docker Setup:**
- Create `docker-compose.yml` with PostgreSQL service
- Create `docker-compose.yml` with PostgreSQL 16 service (current stable version)
- Add initialization scripts for development
- Configure health checks and monitoring
- Use Alpine-based image for smaller footprint
4. **Configuration:**
- Add `DatabaseConfig` to existing config structure
@@ -235,17 +236,33 @@ The PostgreSQL integration follows established DanceLessonsCoach patterns:
#### Phase 3: Testing & Validation
1. **BDD Test Integration:**
- Temporary test database setup using testcontainers
- Clean database between scenarios
- Test data isolation and transaction management
- Updated test server configuration with PostgreSQL settings
- Automatic PostgreSQL container startup in test script
- Health checks for database readiness before tests
- **Separate BDD test database** (`dance_lessons_coach_bdd_test`)
- Complete isolation from development/production databases
2. **Unit & Integration Tests:**
2. **Test Script Enhancement:**
- `scripts/run-bdd-tests.sh` now starts PostgreSQL if needed
- **Automatic BDD database creation** using `createdb` command
- Checks for existing BDD database before creating
- Waits for database readiness before running tests
- Proper error handling and timeout management
- Reuses existing container if already running
3. **Database Isolation Strategy:**
- **Development**: `dance_lessons_coach` (config.yaml)
- **BDD Tests**: `dance_lessons_coach_bdd_test` (automatically created)
- **Production**: Custom name per environment
- **Manual Testing**: Developers can use development database
3. **Unit & Integration Tests:**
- Repository method testing with PostgreSQL
- Transaction and error case testing
- Performance benchmarks
- Connection failure scenarios
3. **Graceful Shutdown Testing:**
4. **Graceful Shutdown Testing:**
- Database connection cleanup during shutdown
- Readiness endpoint behavior during shutdown
- Connection pool behavior under stress
@@ -520,7 +537,41 @@ The implementation maintains full backward compatibility:
4. Should we add database connection health metrics?
5. What query timeout should we set for production?
## BDD Testing Strategy
## Database Cleanup Strategy
### Decision: Raw SQL Cleanup Between Scenarios
**Approach:** Use raw SQL DELETE statements with `SET CONSTRAINTS ALL DEFERRED` to clean up database between test scenarios
**Rationale:**
- **Black Box Principle:** BDD tests should not depend on implementation details
- **Foreign Key Safety:** `SET CONSTRAINTS ALL DEFERRED` allows proper handling of constraints (PostgreSQL docs: https://www.postgresql.org/docs/current/sql-set-constraints.html)
- **Migration Compatibility:** Works regardless of schema changes
- **Transaction Safety:** Uses explicit transactions with proper rollback handling
**Alternatives Considered:**
1. **Repository-based cleanup** - Rejected: Violates black box principle
2. **Transaction rollback** - Rejected: Complex with nested transactions
3. **Recreate database** - Rejected: Too slow for frequent test runs
4. **Separate test database** - Chosen: Combined with SQL cleanup
### Implementation Details
**Cleanup Process:**
1. **Disable constraints temporarily:** `SET CONSTRAINTS ALL DEFERRED`
2. **Query all tables:** From `information_schema.tables`
3. **Delete in reverse order:** Handle foreign key dependencies
4. **Reset sequences:** `ALTER SEQUENCE ... RESTART WITH 1`
**Execution Timing:**
- **AfterSuite:** Full cleanup after all scenarios
- **Between Scenarios:** Individual scenario cleanup (future enhancement)
**Benefits:**
- ✅ **Fast execution:** Milliseconds vs seconds for recreation
- ✅ **Reliable:** Handles schema changes automatically
- ✅ **Isolated:** Each test gets clean state
- ✅ **Maintainable:** No dependency on ORM or repositories
### Temporary Database Approach
@@ -638,7 +689,8 @@ func AfterScenario(ctx context.Context, sc *godog.Scenario, err error) (context.
## References
- [GORM Documentation](https://gorm.io/)
- [PostgreSQL Documentation](https://www.postgresql.org/docs/)
- [PostgreSQL 16 Documentation](https://www.postgresql.org/docs/16/)
- [PostgreSQL Latest Version](https://www.postgresql.org/)
- [GORM + PostgreSQL Guide](https://gorm.io/docs/connecting_to_the_database.html#PostgreSQL)
- [Database Connection Pooling](https://www.alexedwards.net/blog/configuring-sqldb)