Enhance tests and refactor controller for improved coverage#78
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Substantially improves the project's test coverage and restores a meaningful coverage gate. It builds on #77 (the
x/crypto/Go 1.25 bump), which had to temporarily lower the CI gate to 15% because Go 1.25 changed how coverage is measured (packages without tests now count as 0% in the module total).This PR adds tests to the packages that were at 0%, refactors the controller layer so it can be unit-tested, fixes a few latent handler bugs found along the way, and raises the coverage gate back to a meaningful 50%. Module-wide coverage goes from ~18.7% to 58.9%.
Checklist
Related Issue
Builds on #77. No tracking issue.
Proposed Changes
Grouped by the 4 commits in this branch:
middleware:Authenticatelets valid tokens through and returns 401 (without calling next) for invalid/missing tokens;Loggerpasses through.authentication: reject non-HMAC signing methods (algorithm-confusion defense), expired tokens and missing/malformedAuthorizationheaders.response:JSONsets content-type/status/body and omits the body when data is nil;Errorrenders{"error":...}with the given status.UserController/PostControllerdepending on usecase interfaces, wired in the routing layer; the DB is now connected once inmain()and injected viarouter.Generate/routes.Setupinstead of per request inside every handler.return/masked errors):LoginandUpdatePasswordno longer continue with an empty payload after an invalid body;GetUserPostsandDeleteUserno longer fall through to a success response after an error.Validate coveragegate uses a numeric comparison (bc) and is set to 50%, now that honest coverage is ~58%.config:Load()env→settings mapping, with port fallback to 8000.router: smoke-tests the route table and auth middleware viaGenerate(nil)and httptest (health 200, protected routes 401, unknown path 404, 405).error_type: validation error constructors and theerrors.Ascontract.Tests Performed
Run on Go 1.25 (PowerShell):
go build ./... # ok
go vet ./... # ok
go test ./... # all packages PASS
go test ./... -coverprofile=coverage
go tool cover -func=coverage | grep total
total: (statements) 58.9%
Per-package coverage after this PR: middleware 100%, router 100%, error_type 100%, controller 94.1%, authentication 92.9%, config 77.8%, response 83.3% (plus the pre-existing entity 94.7%, usecase 92.3%, crypt 100%). Only
databaseandrepositoryremain untested (they need a real DB or sqlmock).Additional Notes
docker-composeis unaffected.