Cover front authentication failure paths

This commit is contained in:
王鹏
2026-05-22 10:12:39 +08:00
parent 265ec9553b
commit 532f05da99

View File

@@ -7,6 +7,7 @@ import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.framework.web.service.TokenService; import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.generator.domain.front.FrontUser; import com.ruoyi.generator.domain.front.FrontUser;
import com.ruoyi.generator.service.front.IFrontUserService; import com.ruoyi.generator.service.front.IFrontUserService;
import com.ruoyi.web.controller.front.FrontAuthController;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
@@ -29,6 +30,8 @@ public class FrontAuthServiceTest
{ {
private FrontAuthService frontAuthService; private FrontAuthService frontAuthService;
private FrontAuthController frontAuthController;
@Mock @Mock
private IFrontUserService frontUserService; private IFrontUserService frontUserService;
@@ -39,8 +42,10 @@ public class FrontAuthServiceTest
public void setUp() throws Exception public void setUp() throws Exception
{ {
frontAuthService = new FrontAuthService(); frontAuthService = new FrontAuthService();
setField("frontUserService", frontUserService); frontAuthController = new FrontAuthController();
setField("tokenService", tokenService); setField(frontAuthService, "frontUserService", frontUserService);
setField(frontAuthService, "tokenService", tokenService);
setField(frontAuthController, "frontAuthService", frontAuthService);
} }
@Test @Test
@@ -85,6 +90,42 @@ public class FrontAuthServiceTest
verify(frontUserService, never()).updateLastLoginTime(anyLong()); verify(frontUserService, never()).updateLastLoginTime(anyLong());
} }
@Test
public void loginRejectsNullBodyWithCredentialFailure()
{
try
{
frontAuthController.login(null);
fail("Expected ServiceException");
}
catch (ServiceException e)
{
assertEquals("用户名或密码错误", e.getMessage());
}
verify(frontUserService, never()).selectByUsername(any());
verify(tokenService, never()).createToken(any(LoginUser.class));
verify(frontUserService, never()).updateLastLoginTime(anyLong());
}
@Test
public void loginRejectsNullUsernameWithCredentialFailure()
{
try
{
frontAuthService.login(null, "admin123");
fail("Expected ServiceException");
}
catch (ServiceException e)
{
assertEquals("用户名或密码错误", e.getMessage());
}
verify(frontUserService, never()).selectByUsername(any());
verify(tokenService, never()).createToken(any(LoginUser.class));
verify(frontUserService, never()).updateLastLoginTime(anyLong());
}
@Test @Test
public void loginRejectsBadPasswordBeforeAccountStatus() public void loginRejectsBadPasswordBeforeAccountStatus()
{ {
@@ -112,6 +153,33 @@ public class FrontAuthServiceTest
verify(frontUserService, never()).updateLastLoginTime(anyLong()); verify(frontUserService, never()).updateLastLoginTime(anyLong());
} }
@Test
public void loginRejectsBadPasswordBeforeDeletedStatus()
{
FrontUser user = new FrontUser();
user.setUserId(100L);
user.setUsername("demo");
user.setNickname("Demo");
user.setPassword(SecurityUtils.encryptPassword("admin123"));
user.setStatus("0");
user.setDelFlag("2");
when(frontUserService.selectByUsername("demo")).thenReturn(user);
try
{
frontAuthService.login("demo", "wrong");
fail("Expected ServiceException");
}
catch (ServiceException e)
{
assertEquals("用户名或密码错误", e.getMessage());
}
verify(tokenService, never()).createToken(any(LoginUser.class));
verify(frontUserService, never()).updateLastLoginTime(anyLong());
}
@Test @Test
public void profileClearsPasswordBeforeReturning() public void profileClearsPasswordBeforeReturning()
{ {
@@ -128,10 +196,10 @@ public class FrontAuthServiceTest
assertNull(profile.getPassword()); assertNull(profile.getPassword());
} }
private void setField(String name, Object value) throws Exception private void setField(Object target, String name, Object value) throws Exception
{ {
Field field = FrontAuthService.class.getDeclaredField(name); Field field = target.getClass().getDeclaredField(name);
field.setAccessible(true); field.setAccessible(true);
field.set(frontAuthService, value); field.set(target, value);
} }
} }