GenarrativeAI/Genarrative
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add baby object match edutainment flow
Some checks failed
CI / verify (push) Has been cancelled
Details

Browse Source
This commit is contained in:
五香丸子
2026-05-12 16:08:59 +08:00
parent cf074837a4
commit d41f260a2a
58 changed files with 5628 additions and 466 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
server-rs/crates/api-server/src/app.rs
View File

@@ -4053,6 +4053,108 @@ mod tests {
assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
}
#[tokio::test]
async fn password_reset_allows_login_with_new_password_only() {
let config = AppConfig {
sms_auth_enabled: true,
..AppConfig::default()
};
let state = AppState::new(config).expect("state should build");
seed_phone_user_with_password(&state, "13800138026", TEST_PASSWORD).await;
let app = build_router(state);
let send_code_response = app
.clone()
.oneshot(
Request::builder()
.method("POST")
.uri("/api/auth/phone/send-code")
.header("content-type", "application/json")
.body(Body::from(
serde_json::json!({
"phone": "13800138026",
"scene": "reset_password"
})
.to_string(),
))
.expect("reset code request should build"),
)
.await
.expect("reset code request should succeed");
assert_eq!(send_code_response.status(), StatusCode::OK);
let reset_response = app
.clone()
.oneshot(
Request::builder()
.method("POST")
.uri("/api/auth/password/reset")
.header("content-type", "application/json")
.body(Body::from(
serde_json::json!({
"phone": "13800138026",
"code": "123456",
"newPassword": "secret456"
})
.to_string(),
))
.expect("reset password request should build"),
)
.await
.expect("reset password request should succeed");
assert_eq!(reset_response.status(), StatusCode::OK);
assert!(
reset_response
.headers()
.get("set-cookie")
.and_then(|value| value.to_str().ok())
.is_some_and(|value| value.contains("genarrative_refresh_session="))
);
let old_password_response =
password_login_request(app.clone(), "13800138026", TEST_PASSWORD).await;
assert_eq!(old_password_response.status(), StatusCode::UNAUTHORIZED);
let new_password_response = password_login_request(app, "13800138026", "secret456").await;
assert_eq!(new_password_response.status(), StatusCode::OK);
}
#[tokio::test]
async fn password_change_allows_login_with_new_password_only() {
let state = AppState::new(AppConfig::default()).expect("state should build");
let seed_user = seed_phone_user_with_password(&state, "13800138027", TEST_PASSWORD).await;
let token = sign_test_user_token(&state, &seed_user, "sess_password_change");
let app = build_router(state);
let change_response = app
.clone()
.oneshot(
Request::builder()
.method("POST")
.uri("/api/auth/password/change")
.header("authorization", format!("Bearer {token}"))
.header("content-type", "application/json")
.body(Body::from(
serde_json::json!({
"currentPassword": TEST_PASSWORD,
"newPassword": "secret456"
})
.to_string(),
))
.expect("change password request should build"),
)
.await
.expect("change password request should succeed");
assert_eq!(change_response.status(), StatusCode::OK);
let old_password_response =
password_login_request(app.clone(), "13800138027", TEST_PASSWORD).await;
assert_eq!(old_password_response.status(), StatusCode::UNAUTHORIZED);
let new_password_response = password_login_request(app, "13800138027", "secret456").await;
assert_eq!(new_password_response.status(), StatusCode::OK);
}
#[tokio::test]
async fn password_entry_rejects_email_or_username_identifier() {
let app = build_router(AppState::new(AppConfig::default()).expect("state should build"));