Ilia Denisov
408da3f201
New public ingress and the first network edge. Framework + a vertical slice of operations end-to-end; remaining ops reuse the same transcode pattern in Stage 7. Contracts (new module scrabble/pkg): - push.proto (backend->gateway gRPC server-stream) + scrabble.fbs (FlatBuffers edge payloads), committed generated Go; buf/flatc Makefiles (dev-time codegen). Backend: - REST handlers on the /api/v1 groups: internal session endpoints (telegram/guest/email login -> mint, resolve, revoke) and the user slice (profile, submit_play, state, lobby enqueue/poll, chat). - internal/notify in-process Publisher hub + internal/pushgrpc gRPC server (BACKEND_GRPC_ADDR) streaming your_turn/opponent_moved/chat/nudge/match_found; emission in game.commit, social, matchmaker. - migration 00005 accounts.is_guest; guests are durable rows excluded from stats; ProvisionGuest; email-as-login (RequestLoginCode/LoginWithCode). Gateway (new module scrabble/gateway): - Connect Gateway service over h2c (Execute + Subscribe), FlatBuffers<->JSON transcode registry, Telegram initData HMAC validator (seam), session cache, token-bucket rate limiter (3 classes), push fan-out hub, backend REST + push gRPC client, admin Basic-Auth reverse proxy. go.work: use ./pkg, ./gateway + replace scrabble/pkg. CI: gateway/**, pkg/** path filters; unit build/vet/test span all three modules. Docs (PLAN, ARCHITECTURE, FUNCTIONAL+ru, TESTING, READMEs) updated; gateway/pkg unit tests + guest/email-login integration tests.
74 lines
1.9 KiB
Go
74 lines
1.9 KiB
Go
package admin_test
|
|
|
|
import (
|
|
"io"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
|
|
"scrabble/gateway/internal/admin"
|
|
)
|
|
|
|
func newAdmin(t *testing.T) (*httptest.Server, func()) {
|
|
t.Helper()
|
|
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path != "/api/v1/admin/ping" {
|
|
t.Errorf("backend path = %q, want /api/v1/admin/ping", r.URL.Path)
|
|
}
|
|
_, _ = w.Write([]byte("pong"))
|
|
}))
|
|
proxy, err := admin.NewProxy(backend.URL, "ops", "secret", nil)
|
|
if err != nil {
|
|
t.Fatalf("new proxy: %v", err)
|
|
}
|
|
front := httptest.NewServer(proxy)
|
|
return front, func() { front.Close(); backend.Close() }
|
|
}
|
|
|
|
func TestAdminRejectsMissingCredentials(t *testing.T) {
|
|
front, cleanup := newAdmin(t)
|
|
defer cleanup()
|
|
|
|
resp, err := http.Get(front.URL + "/admin/ping")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer func() { _ = resp.Body.Close() }()
|
|
if resp.StatusCode != http.StatusUnauthorized {
|
|
t.Fatalf("status = %d, want 401", resp.StatusCode)
|
|
}
|
|
}
|
|
|
|
func TestAdminProxiesWithCredentials(t *testing.T) {
|
|
front, cleanup := newAdmin(t)
|
|
defer cleanup()
|
|
|
|
req, _ := http.NewRequest(http.MethodGet, front.URL+"/admin/ping", nil)
|
|
req.SetBasicAuth("ops", "secret")
|
|
resp, err := http.DefaultClient.Do(req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer func() { _ = resp.Body.Close() }()
|
|
body, _ := io.ReadAll(resp.Body)
|
|
if resp.StatusCode != http.StatusOK || string(body) != "pong" {
|
|
t.Fatalf("status = %d body = %q, want 200 pong", resp.StatusCode, body)
|
|
}
|
|
}
|
|
|
|
func TestAdminRejectsWrongPassword(t *testing.T) {
|
|
front, cleanup := newAdmin(t)
|
|
defer cleanup()
|
|
|
|
req, _ := http.NewRequest(http.MethodGet, front.URL+"/admin/ping", nil)
|
|
req.SetBasicAuth("ops", "wrong")
|
|
resp, err := http.DefaultClient.Do(req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer func() { _ = resp.Body.Close() }()
|
|
if resp.StatusCode != http.StatusUnauthorized {
|
|
t.Fatalf("status = %d, want 401", resp.StatusCode)
|
|
}
|
|
}
|