Merge pull request #13 from shallwet/test-01

fix: backend check password and username during register
codycjy · Feb 8, 2024 · 700b9f0 · 700b9f0
2 parents 52a6146 + bd9da5f
commit 700b9f0
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 6 deletions.
diff --git a/master/api/user/user.go b/master/api/user/user.go
@@ -148,6 +148,24 @@ func CreateUser(c *gin.Context) {
 		})
 		return
 	}
+	if user.Username == "" || user.Password == "" {
+		c.JSON(http.StatusBadRequest, api.ErrorResponse{
+			Succeed: false,
+			Error:   "Username or Password is empty",
+			Message: "Username or Password is empty",
+			TraceID: traceID,
+		})
+		return
+	}
+	if len(user.Password) < 8 || len(user.Password) > 16 {
+		c.JSON(http.StatusBadRequest, api.ErrorResponse{
+			Succeed: false,
+			Error:   "Password length should be between 8 and 16",
+			Message: "Password length should be between 8 and 16",
+			TraceID: traceID,
+		})
+		return
+	}
 	userService, err := userservice.GetService(c)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, api.ErrorResponse{
@@ -156,6 +174,7 @@ func CreateUser(c *gin.Context) {
 			Message: "User service not initialized",
 			TraceID: traceID,
 		})
+		return
 	}
 	serviceErr := userService.Create(c, user)
 	if serviceErr != nil {
@@ -210,6 +229,7 @@ func UpdateUser(c *gin.Context) {
 			Message: "User service not initialized",
 			TraceID: traceID,
 		})
+		return
 	}
 	serviceErr := userService.Update(c, user)
 

diff --git a/master/test/data/auth_test_data.yml b/master/test/data/auth_test_data.yml
@@ -1,11 +1,13 @@
 test_login:
-  - ["user exist", "testuser1",'123456','nil']
-  - ["user not exist", "testuser2",'123456','Wrong Username or Password']
+  - ["user exist", "testuser1",'12345678','nil']
+  - ["user not exist", "testuser2",'12345678','Wrong Username or Password']
   - ['user with wrong password','testuser1','wrongpassword','Wrong Username or Password']
 
 test_register:
-  - ["user not exist", "registeruser1",'123456','nil']
-  - ["user exist", "testuser1",'123456','failed create user']
+  - ["user not exist", "registeruser1",'12345678','nil']
+  - ["user exist", "testuser1",'12345678','failed create user']
+  - ["user with None username",'','','Username or Password is empty']
+  - ["user with too short password","shortpwduser","123456","Password length should be between 8 and 16"]
 
 test_token:
     - ["user with token",'1']

diff --git a/master/test/testcase/test_auth_api.py b/master/test/testcase/test_auth_api.py
@@ -12,9 +12,9 @@ def setup_class(self):
         self.root_url = "http://localhost:9333/api/v1/"
         self.req_session = requests.Session()
         # 添加测试用户
-        rep0 = self.req_session.post(self.root_url + 'register', json={"username": 'testuser1', "password": '123456'})
+        rep0 = self.req_session.post(self.root_url + 'register', json={"username": 'testuser1', "password": '12345678'})
         # 获取token
-        rep = self.req_session.post(self.root_url + 'login', json={"username": 'testuser1', "password": '123456'})
+        rep = self.req_session.post(self.root_url + 'login', json={"username": 'testuser1', "password": '12345678'})
         self.token = rep.json()['token']
 
     @allure.story("登录")