test: Implement Integration Test for Password Hashing in Database #227

Open
6 tasks
benoit-bremaud opened this issue Jul 27, 2024 · 0 comments
Labels
backend (Label to indicate the backend team), security (Related to authentication and authorization), test (Related to testing and validation)

Summary

This issue focuses on implementing integration tests to verify that passwords are stored in a hashed format in the database when users are registered through the /api/users/signup endpoint. Ensuring that passwords are not stored in plain text is crucial for user data security.

Context

Password hashing is a critical aspect of securing user data. These tests will ensure that the application does not store passwords in plain text, and that the hashing process is correctly integrated with the user registration functionality. The tests will validate the entire flow from user input to data storage in the database.

Objectives

  • Implement integration tests for the /api/users/signup route to verify that passwords are hashed.
  • Ensure that plain text passwords are not stored in the database.
  • Verify that the stored passwords match the expected hash format (e.g., bcrypt).

Acceptance Criteria

  • The password stored in the database must not be in plain text.
  • The hashed password in the database must match the expected hash format.
  • The test should check the consistency and correctness of the password hashing process.

Tasks

  • Create and initialize a new working branch
    • Use the branch name following the conventions specified in the CONTRIBUTING.md guide.
    • Branch name format: test/issue-number-integration-password-hashing
  • Develop integration tests for the /api/users/signup route.
  • Ensure the tests verify that passwords are hashed before saving.
  • Check that the passwords are not stored in plain text in the database.
  • Write the commit message
    • Ensure the commit message follows the naming conventions as specified in the CONTRIBUTING.md guide.
  • Create the Pull Request
    • Ensure the Pull Request follows the naming and description conventions as specified in the CONTRIBUTING.md guide.

Resources

UML Diagrams References

  • Sequence Diagram: To visualize the process flow from user registration to password storage in the database.
  • Class Diagram: To show the relationships between the user model and associated services.

Branch Name

test/issue-number-integration-password-hashing

benoit-bremaud added the backend, security and test labels on Jul 27, 2024
benoit-bremaud self-assigned this on Jul 27, 2024
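
The plain-text and hash-format checks from the acceptance criteria, as an added example that is not part of the issue or the project's code. It assumes bcrypt (the issue names it only as "e.g."), hypothetical `email` and `password` column names, and an assumed minimum cost of 10; the request to /api/users/signup and the database read are left to the project's test harness, and the sample rows are constructed.

```javascript
// Added example, not project code. Assumes bcrypt as the expected hash format.
// bcrypt string layout: $2a|2b|2y$ + 2-digit cost + $ + 22-char salt + 31-char digest.
const BCRYPT_RE = /^\$(2[aby])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$/;
const MIN_COST = 10; // assumed policy floor; set it to the project's configured cost

function parseBcrypt(stored) {
  const m = typeof stored === 'string' ? BCRYPT_RE.exec(stored) : null;
  return m ? { version: m[1], cost: Number(m[2]), salt: m[3], digest: m[4] } : null;
}

// Returns a list of problems for one stored value; an empty list means it passes.
function checkStoredPassword(plain, stored) {
  if (stored === plain) return ['stored in plain text'];
  const parsed = parseBcrypt(stored);
  if (!parsed) return ['not in bcrypt format'];
  const problems = [];
  if (parsed.cost < MIN_COST || parsed.cost > 31) {
    problems.push(`cost ${parsed.cost} out of range`);
  }
  return problems;
}

// Two accounts must never share a salt, even when they chose the same password.
function findReusedSalts(rows) {
  const seen = new Map();
  const reused = [];
  for (const { email, password } of rows) {
    const parsed = parseBcrypt(password);
    if (!parsed) continue;
    if (seen.has(parsed.salt)) reused.push([seen.get(parsed.salt), email]);
    else seen.set(parsed.salt, email);
  }
  return reused;
}

// Constructed rows standing in for what the test reads back from the users table.
// The hash strings are format-valid placeholders, not real bcrypt output.
const fakeHash = (cost, saltChar) => `$2b$${cost}$${saltChar.repeat(22)}${'x'.repeat(31)}`;
const SAMPLE_ROWS = [
  { email: 'a@example.test', password: fakeHash('12', 'A') },
  { email: 'b@example.test', password: fakeHash('12', 'B') },
  { email: 'c@example.test', password: fakeHash('12', 'A') }, // same salt as a@
  { email: 'd@example.test', password: 'S3cret!pass' },       // plain text
  { email: 'e@example.test', password: fakeHash('04', 'C') }, // cost too low
];
```

A format match does not prove the stored hash belongs to the submitted password, so the integration test should also verify the pair with the compare function of the hashing library the project uses.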