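# JWT Authentication System Test Script
# Tests the complete authentication flow: registration, login, authenticated
# and unauthenticated access, resource creation, token refresh, and a
# role-based rejection.
#
# Exit code: 0 when every check passes, 1 when any check fails or is skipped,
# so a CI job or wrapper script can rely on the result.

# Base URL of the API under test. Plain HTTP is only appropriate for a
# loopback instance; use an https:// URL if this is ever pointed elsewhere,
# because the requests below carry a password and bearer tokens.
$baseUrl = "http://localhost:8000"

# Number of failed or skipped checks; decides the exit code at the end.
$failures = 0

# Reset state up front so values left over from an earlier run in the same
# session cannot make a dependent test look like it has valid input.
$token = $null
$refreshToken = $null
$projectId = $null
$taskId = $null

# Returns a short, log-safe preview of a token: at most 50 characters and
# never more than half of the token, so a complete bearer token is not
# written to the console or to captured CI logs.
function Get-TokenPreview {
    param([string]$Token)

    if ([string]::IsNullOrEmpty($Token)) {
        return "(missing)"
    }
    $previewLength = [Math]::Min(50, [int][Math]::Floor($Token.Length / 2))
    return "$($Token.Substring(0, $previewLength))..."
}

# Extracts the numeric HTTP status from a failed web request's error record.
# Returns $null when there was no HTTP response at all (for example the
# server is not running), so callers can tell "wrong status" from "no answer".
function Get-HttpStatusCode {
    param($ErrorRecord)

    $response = $ErrorRecord.Exception.Response
    if ($null -eq $response) {
        return $null
    }
    return [int]$response.StatusCode
}

Write-Host "`n=== JWT Authentication System Test ===" -ForegroundColor Cyan

# Test 1: Register a new user
# Throwaway credentials for a local test instance.
# NOTE(review): re-running against the same database presumably fails here
# because the user already exists; the login test below still runs.
Write-Host "`n[Test 1] User Registration..." -ForegroundColor Yellow
$registerBody = @{
    username = "testuser2"
    email    = "test2@example.com"
    password = "password123"
} | ConvertTo-Json

try {
    $registerResponse = Invoke-RestMethod -Uri "$baseUrl/api/auth/register" `
        -Method Post -ContentType "application/json" -Body $registerBody
    Write-Host "✓ Registration successful!" -ForegroundColor Green
    Write-Host " User ID: $($registerResponse.user.id)"
    Write-Host " Username: $($registerResponse.user.username)"
    Write-Host " Role: $($registerResponse.user.role)"
} catch {
    Write-Host "✗ Registration failed: $($_.Exception.Message)" -ForegroundColor Red
    $failures++
}

# Test 2: Login with credentials
# Every later authenticated test depends on the tokens obtained here, so a
# failed login aborts the run.
Write-Host "`n[Test 2] User Login..." -ForegroundColor Yellow
$loginBody = @{
    username = "testuser2"
    password = "password123"
} | ConvertTo-Json

try {
    $loginResponse = Invoke-RestMethod -Uri "$baseUrl/api/auth/login" `
        -Method Post -ContentType "application/json" -Body $loginBody
    if ([string]::IsNullOrEmpty($loginResponse.access_token)) {
        throw "login response did not contain an access_token"
    }
    Write-Host "✓ Login successful!" -ForegroundColor Green
    Write-Host " Access Token: $(Get-TokenPreview $loginResponse.access_token)"
    $token = $loginResponse.access_token
    $refreshToken = $loginResponse.refresh_token
} catch {
    Write-Host "✗ Login failed: $($_.Exception.Message)" -ForegroundColor Red
    exit 1
}

# Test 3: Access protected endpoint with token
Write-Host "`n[Test 3] Access Protected Endpoint (with token)..." -ForegroundColor Yellow
$headers = @{
    Authorization = "Bearer $token"
}

try {
    $meResponse = Invoke-RestMethod -Uri "$baseUrl/api/auth/me" `
        -Method Get -Headers $headers
    Write-Host "✓ Successfully accessed protected endpoint!" -ForegroundColor Green
    Write-Host " User: $($meResponse.username)"
    Write-Host " Email: $($meResponse.email)"
} catch {
    Write-Host "✗ Failed to access protected endpoint: $($_.Exception.Message)" -ForegroundColor Red
    $failures++
}

# Test 4: Access protected endpoint without token
# A successful response here means the endpoint is not enforcing
# authentication, so reaching the line after the request is a failure.
Write-Host "`n[Test 4] Access Protected Endpoint (without token)..." -ForegroundColor Yellow
try {
    $null = Invoke-WebRequest -Uri "$baseUrl/api/projects" `
        -Method Get -ErrorAction Stop
    Write-Host "✗ Should have been rejected!" -ForegroundColor Red
    $failures++
} catch {
    $statusCode = Get-HttpStatusCode $_
    if ($statusCode -eq 401) {
        Write-Host "✓ Correctly rejected with 401 Unauthorized!" -ForegroundColor Green
    } elseif ($null -eq $statusCode) {
        Write-Host "✗ No HTTP response received: $($_.Exception.Message)" -ForegroundColor Red
        $failures++
    } else {
        Write-Host "✗ Wrong status code: $statusCode" -ForegroundColor Red
        $failures++
    }
}

# Test 5: Create a project (authenticated)
Write-Host "`n[Test 5] Create Project (authenticated)..." -ForegroundColor Yellow
$projectBody = @{
    name        = "Test Project"
    description = "A test project"
    config      = '{"type":"image"}'
} | ConvertTo-Json

try {
    $projectResponse = Invoke-RestMethod -Uri "$baseUrl/api/projects" `
        -Method Post -Headers $headers -ContentType "application/json" -Body $projectBody
    Write-Host "✓ Project created successfully!" -ForegroundColor Green
    Write-Host " Project ID: $($projectResponse.id)"
    Write-Host " Project Name: $($projectResponse.name)"
    $projectId = $projectResponse.id
} catch {
    Write-Host "✗ Failed to create project: $($_.Exception.Message)" -ForegroundColor Red
    $failures++
}

# Test 6: Create a task (authenticated, auto-assigned to current user)
# Needs the project from Test 5; without it the request would only exercise
# input validation, not task creation.
Write-Host "`n[Test 6] Create Task (auto-assigned to current user)..." -ForegroundColor Yellow
if ($null -eq $projectId) {
    Write-Host "✗ Skipped: no project ID available from Test 5" -ForegroundColor Red
    $failures++
} else {
    $taskBody = @{
        project_id = $projectId
        name       = "Test Task"
        data       = @{
            items = @(
                @{ id = 1; text = "Sample text" }
            )
        }
    } | ConvertTo-Json -Depth 5

    try {
        $taskResponse = Invoke-RestMethod -Uri "$baseUrl/api/tasks" `
            -Method Post -Headers $headers -ContentType "application/json" -Body $taskBody
        Write-Host "✓ Task created successfully!" -ForegroundColor Green
        Write-Host " Task ID: $($taskResponse.id)"
        Write-Host " Assigned to: $($taskResponse.assigned_to)"
        $taskId = $taskResponse.id
    } catch {
        Write-Host "✗ Failed to create task: $($_.Exception.Message)" -ForegroundColor Red
        $failures++
    }
}

# Test 7: Create an annotation (authenticated, auto-assigned to current user)
# The body deliberately carries a bogus user_id. The server is expected to
# take the owner from the bearer token, so the test fails if the bogus value
# comes back in the stored annotation.
Write-Host "`n[Test 7] Create Annotation (auto-assigned to current user)..." -ForegroundColor Yellow
if ($null -eq $taskId) {
    Write-Host "✗ Skipped: no task ID available from Test 6" -ForegroundColor Red
    $failures++
} else {
    $annotationBody = @{
        task_id = $taskId
        user_id = "ignored" # This should be ignored and use authenticated user
        result  = @{
            label      = "positive"
            confidence = 0.95
        }
    } | ConvertTo-Json -Depth 5

    try {
        $annotationResponse = Invoke-RestMethod -Uri "$baseUrl/api/annotations" `
            -Method Post -Headers $headers -ContentType "application/json" -Body $annotationBody
        if ("$($annotationResponse.user_id)" -eq "ignored") {
            Write-Host "✗ Server stored the client-supplied user_id instead of the authenticated user!" -ForegroundColor Red
            $failures++
        } else {
            Write-Host "✓ Annotation created successfully!" -ForegroundColor Green
        }
        Write-Host " Annotation ID: $($annotationResponse.id)"
        Write-Host " User ID: $($annotationResponse.user_id)"
    } catch {
        Write-Host "✗ Failed to create annotation: $($_.Exception.Message)" -ForegroundColor Red
        $failures++
    }
}

# Test 8: Token refresh
Write-Host "`n[Test 8] Token Refresh..." -ForegroundColor Yellow
$refreshBody = @{
    refresh_token = $refreshToken
} | ConvertTo-Json

try {
    $refreshResponse = Invoke-RestMethod -Uri "$baseUrl/api/auth/refresh" `
        -Method Post -ContentType "application/json" -Body $refreshBody
    if ([string]::IsNullOrEmpty($refreshResponse.access_token)) {
        throw "refresh response did not contain an access_token"
    }
    Write-Host "✓ Token refreshed successfully!" -ForegroundColor Green
    Write-Host " New Access Token: $(Get-TokenPreview $refreshResponse.access_token)"
} catch {
    Write-Host "✗ Failed to refresh token: $($_.Exception.Message)" -ForegroundColor Red
    $failures++
}

# Test 9: Try to delete project as non-admin (should fail)
# Skipped without a project ID: the URL would otherwise end in a bare
# "/api/projects/" and the status code would say nothing about the role check.
Write-Host "`n[Test 9] Delete Project (as non-admin, should fail)..." -ForegroundColor Yellow
if ($null -eq $projectId) {
    Write-Host "✗ Skipped: no project ID available from Test 5" -ForegroundColor Red
    $failures++
} else {
    try {
        $null = Invoke-WebRequest -Uri "$baseUrl/api/projects/$projectId" `
            -Method Delete -Headers $headers -ErrorAction Stop
        Write-Host "✗ Should have been rejected!" -ForegroundColor Red
        $failures++
    } catch {
        $statusCode = Get-HttpStatusCode $_
        if ($statusCode -eq 403) {
            Write-Host "✓ Correctly rejected with 403 Forbidden!" -ForegroundColor Green
        } elseif ($null -eq $statusCode) {
            Write-Host "✗ No HTTP response received: $($_.Exception.Message)" -ForegroundColor Red
            $failures++
        } else {
            Write-Host "✗ Wrong status code: $statusCode" -ForegroundColor Red
            $failures++
        }
    }
}

Write-Host "`n=== All Tests Completed ===" -ForegroundColor Cyan

if ($failures -gt 0) {
    Write-Host "$failures check(s) failed or were skipped" -ForegroundColor Red
    exit 1
}
exit 0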