Waylon Walker 2025-11-21 13:13:57 -06:00
parent 13b6d1b78a
commit 298d3223f0
4 changed files with 64 additions and 7 deletions

2
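--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+reader_cookies.txt
+admin_cookies.txt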
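Review bot: These two entries only keep untracked files out of the index, so they do not stop a cookie file that is already tracked from being committed again. A cookie file holding an `access_token` JWT is still modified in the last section of this commit (its path is not shown on this page), which suggests it remains tracked; `git rm --cached <that file>` in the same change would make the ignore rule take effect. The `clean-cookies` recipe also removes `cookies.txt`, which neither entry covers, so a single pattern such as `*cookies.txt` would match all three names. The tokens already committed stay in history; their `exp` claims are short, which limits exposure as long as the signing secret is not shared with any non-local deployment.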


@ -1,5 +0,0 @@
# Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
#HttpOnly_localhost FALSE / FALSE 1763753445 access_token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbiIsInJvbGUiOiJhZG1pbiIsImV4cCI6MTc2Mzc1MzQ0NX0.-n86_vvqIdgpcOXAO7xk_f2Ka1ZQYtRNqbjo3iijz6k


@ -1,3 +1,6 @@
default:
@just --choose
start-auth: start-auth:
./main_auth.py & ./main_auth.py &
@ -18,3 +21,60 @@ logs-nginx:
stop-nginx: stop-nginx:
docker stop nginx docker stop nginx
# JWT Authentication Tests
test-login-admin:
@echo "=== Testing admin login ==="
curl -c admin_cookies.txt -X POST \
-H "Authorization: Basic $(echo -n 'admin:admin' | base64)" \
http://localhost:8000/login 2>/dev/null
@echo "\n✅ Admin logged in, cookies saved to admin_cookies.txt"
test-login-reader:
@echo "=== Testing reader login ==="
curl -c reader_cookies.txt -X POST \
-H "Authorization: Basic $(echo -n 'reader:reader' | base64)" \
http://localhost:8000/login 2>/dev/null
@echo "\n✅ Reader logged in, cookies saved to reader_cookies.txt"
test-admin-access:
@echo "=== Testing admin access to /admin/ ==="
@curl -b admin_cookies.txt -w "Status: %{http_code}" \
http://localhost:8000/admin/ 2>/dev/null | tail -1
@echo "\n✅ Admin should have 200 status"
test-reader-blocked:
@echo "=== Testing reader blocked from /admin/ ==="
@curl -b reader_cookies.txt -w "Status: %{http_code}" \
http://localhost:8000/admin/ 2>/dev/null | tail -1
@echo "\n🚫 Reader should have 403 status"
test-whoami-admin:
@echo "=== Admin user info ==="
@curl -b admin_cookies.txt http://localhost:5115/me 2>/dev/null | jq .
test-whoami-reader:
@echo "=== Reader user info ==="
@curl -b reader_cookies.txt http://localhost:5115/me 2>/dev/null | jq .
test-logout:
@echo "=== Testing logout ==="
curl -b admin_cookies.txt http://localhost:8000/logout 2>/dev/null
@echo "✅ Logged out"
test-full-flow:
@echo "🔐 Running full JWT authentication test suite"
@echo "================================================="
just test-login-admin
just test-login-reader
just test-whoami-admin
just test-whoami-reader
just test-admin-access
just test-reader-blocked
@echo "================================================="
@echo "✅ All tests completed!"
clean-cookies:
@echo "🧹 Cleaning up cookie files"
rm -f admin_cookies.txt reader_cookies.txt cookies.txt
@echo "✅ Cookies cleaned"
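Review bot: `test-admin-access` and `test-reader-blocked` print the status code but never compare it, so `test-full-flow` ends with "All tests completed!" even if a reader cookie gets 200 on `/admin/`. Making each recipe fail on the wrong status turns this into a real authorization regression check, e.g. `test "$(curl -s -o /dev/null -b reader_cookies.txt -w '%{http_code}' http://localhost:8000/admin/)" = 403`, and the same with `admin_cookies.txt` and `200`. The two login recipes have the same weakness: with `2>/dev/null` and no `--fail`, a rejected login still prints the "logged in" line and leaves a stale or empty cookie jar for the later steps. `test-logout` is not called from `test-full-flow`, and nothing checks that the old cookie is refused after logout; a follow-up request asserting a non-200 status would cover that.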


@ -1,5 +1,5 @@
# Netscape HTTP Cookie File # Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html # https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk. # This file was generated by libcurl! Edit at your own risk.
#HttpOnly_localhost FALSE / FALSE 1763753499 access_token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJyZWFkZXIiLCJyb2xlIjoicmVhZGVyIiwiZXhwIjoxNzYzNzUzNDk5fQ.VJipDyYYHl18pbb0XS8m5HBb-PLZ8VIz2eZT1ujgsG4 #HttpOnly_localhost FALSE / FALSE 1763754196 access_token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJyZWFkZXIiLCJyb2xlIjoicmVhZGVyIiwiZXhwIjoxNzYzNzU0MTk2fQ.G4lmnqksaHqX-36N_HFpn_NtrTh7H6Fq2zXrCDktMgg