wip

.gitignore

@@ -0,0 +1,2 @@
+reader_cookies.txt
+admin_cookies.txt

cookies.txt

@@ -1,5 +0,0 @@
-# Netscape HTTP Cookie File
-# https://curl.haxx.se/docs/http-cookies.html
-# This file was generated by libcurl! Edit at your own risk.
-
-#HttpOnly_localhost	FALSE	/	FALSE	1763753445	access_token	eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbiIsInJvbGUiOiJhZG1pbiIsImV4cCI6MTc2Mzc1MzQ0NX0.-n86_vvqIdgpcOXAO7xk_f2Ka1ZQYtRNqbjo3iijz6k

justfile

@@ -1,3 +1,6 @@
+default:
+    @just --choose
+
 start-auth:
     ./main_auth.py &
 
@@ -18,3 +21,60 @@ logs-nginx:
 
 stop-nginx:
     docker stop nginx
+
+# JWT Authentication Tests
+test-login-admin:
+    @echo "=== Testing admin login ==="
+    curl -c admin_cookies.txt -X POST \
+    -H "Authorization: Basic $(echo -n 'admin:admin' | base64)" \
+    http://localhost:8000/login 2>/dev/null
+    @echo "\n✅ Admin logged in, cookies saved to admin_cookies.txt"
+
+test-login-reader:
+    @echo "=== Testing reader login ==="
+    curl -c reader_cookies.txt -X POST \
+    -H "Authorization: Basic $(echo -n 'reader:reader' | base64)" \
+    http://localhost:8000/login 2>/dev/null  
+    @echo "\n✅ Reader logged in, cookies saved to reader_cookies.txt"
+
+test-admin-access:
+    @echo "=== Testing admin access to /admin/ ==="
+    @curl -b admin_cookies.txt -w "Status: %{http_code}" \
+    http://localhost:8000/admin/ 2>/dev/null | tail -1
+    @echo "\n✅ Admin should have 200 status"
+
+test-reader-blocked:
+    @echo "=== Testing reader blocked from /admin/ ==="
+    @curl -b reader_cookies.txt -w "Status: %{http_code}" \
+    http://localhost:8000/admin/ 2>/dev/null | tail -1
+    @echo "\n🚫 Reader should have 403 status"
+
+test-whoami-admin:
+    @echo "=== Admin user info ==="
+    @curl -b admin_cookies.txt http://localhost:5115/me 2>/dev/null | jq .
+    
+test-whoami-reader:
+    @echo "=== Reader user info ==="
+    @curl -b reader_cookies.txt http://localhost:5115/me 2>/dev/null | jq .
+
+test-logout:
+    @echo "=== Testing logout ==="
+    curl -b admin_cookies.txt http://localhost:8000/logout 2>/dev/null
+    @echo "✅ Logged out"
+
+test-full-flow:
+    @echo "🔐 Running full JWT authentication test suite"
+    @echo "================================================="
+    just test-login-admin
+    just test-login-reader
+    just test-whoami-admin
+    just test-whoami-reader  
+    just test-admin-access
+    just test-reader-blocked
+    @echo "================================================="
+    @echo "✅ All tests completed!"
+
+clean-cookies:
+    @echo "🧹 Cleaning up cookie files"
+    rm -f admin_cookies.txt reader_cookies.txt cookies.txt
+    @echo "✅ Cookies cleaned"

reader_cookies.txt

@@ -1,5 +1,5 @@
 # Netscape HTTP Cookie File
-# https://curl.haxx.se/docs/http-cookies.html
+# https://curl.se/docs/http-cookies.html
 # This file was generated by libcurl! Edit at your own risk.
 
-#HttpOnly_localhost	FALSE	/	FALSE	1763753499	access_token	eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJyZWFkZXIiLCJyb2xlIjoicmVhZGVyIiwiZXhwIjoxNzYzNzUzNDk5fQ.VJipDyYYHl18pbb0XS8m5HBb-PLZ8VIz2eZT1ujgsG4
+#HttpOnly_localhost	FALSE	/	FALSE	1763754196	access_token	eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJyZWFkZXIiLCJyb2xlIjoicmVhZGVyIiwiZXhwIjoxNzYzNzU0MTk2fQ.G4lmnqksaHqX-36N_HFpn_NtrTh7H6Fq2zXrCDktMgg