Phase 9c: Parent accounts, magic-link login + parent timetable view
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-school (push) Successful in 31s
CI / test-go-edu-search (push) Successful in 30s
CI / test-python-klausur (push) Failing after 2m36s
CI / test-python-agent-core (push) Successful in 21s
CI / test-nodejs-website (push) Successful in 26s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-school (push) Successful in 31s
CI / test-go-edu-search (push) Successful in 30s
CI / test-python-klausur (push) Failing after 2m36s
CI / test-python-agent-core (push) Successful in 21s
CI / test-nodejs-website (push) Successful in 26s
Backend (school-service):
- parent_account, parent_child, parent_magic_link, parent_session
tables. Tokens are sha256-hashed in DB; raw goes back exactly
once to the inviting teacher.
- InviteParent upserts the parent account, links a child to a tt_
class, mints a 7-day magic link. Returns the link path so the
teacher can paste it into Matrix/Email.
- RedeemMagicLink validates + marks used + mints a 30-day session,
sets HttpOnly bp_parent_session cookie.
- ParentSessionMiddleware reads the cookie and resolves the parent.
Lives in its own router group /api/v1/parent — totally separate
from the teacher JWT path.
- ParentMe returns the account + list of children (with class name).
- ParentTimetable returns the latest completed tt_solution's lessons
for the requested child's class, with full authorization check
(parent must own a child in that class).
Frontend (studio-v2):
- lib/calendar/subject-i18n.ts maps 22 German subject names to 8
parent locales (de/en/tr/ar/uk/ru/pl/fr). Falls back to German
for custom subjects.
- ParentManager component on the Schulkalender page lets the teacher
invite parents via email + child name + class + language. Newly
minted magic-link is shown with a copy-to-clipboard button.
- app/api/parent/[...path]/route.ts proxies parent-side endpoints
via the cookie so HttpOnly survives the Next.js round-trip.
- /eltern/login?token=… redeems and redirects to /eltern.
- /eltern shows a Wochengrid with German days + translated subject
names in the parent's preferred language. Headings and weekday
labels also localised (de/en/tr/ar/uk/ru/pl/fr).
Tests:
- 3 new Go unit tests (random token, hash stability, invite-request
validator). 83 subtests gesamt.
- studio-v2: e2e/eltern.spec.ts mit 7 tests across ParentManager,
/eltern/login, /eltern overview, subject-i18n end-to-end.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
@@ -0,0 +1,80 @@
|
||||
package services
|
||||
|
||||
import (
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/breakpilot/school-service/internal/models"
|
||||
)
|
||||
|
||||
func TestRandomToken_Hashable(t *testing.T) {
|
||||
raw, hash, err := randomToken()
|
||||
if err != nil {
|
||||
t.Fatalf("randomToken error: %v", err)
|
||||
}
|
||||
if len(raw) < 30 {
|
||||
t.Errorf("raw token suspiciously short: %d", len(raw))
|
||||
}
|
||||
if len(hash) != 64 {
|
||||
t.Errorf("sha256 hex hash must be 64 chars, got %d", len(hash))
|
||||
}
|
||||
if hashToken(raw) != hash {
|
||||
t.Errorf("hashToken(raw) must equal the hash randomToken returned")
|
||||
}
|
||||
}
|
||||
|
||||
func TestRandomToken_NonRepeating(t *testing.T) {
|
||||
// 16 iterations, all raw tokens must differ.
|
||||
seen := map[string]struct{}{}
|
||||
for i := 0; i < 16; i++ {
|
||||
raw, _, err := randomToken()
|
||||
if err != nil {
|
||||
t.Fatalf("iter %d: %v", i, err)
|
||||
}
|
||||
if _, dup := seen[raw]; dup {
|
||||
t.Fatalf("duplicate raw token at iter %d", i)
|
||||
}
|
||||
seen[raw] = struct{}{}
|
||||
}
|
||||
}
|
||||
|
||||
func TestHashToken_StableHexLowercase(t *testing.T) {
|
||||
h := hashToken("hello world")
|
||||
if strings.ToLower(h) != h {
|
||||
t.Errorf("hash should be lowercase hex")
|
||||
}
|
||||
if len(h) != 64 {
|
||||
t.Errorf("expected 64-char hash, got %d", len(h))
|
||||
}
|
||||
}
|
||||
|
||||
func TestInviteParentRequest_Validation(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
req models.InviteParentRequest
|
||||
wantErr bool
|
||||
}{
|
||||
{"valid", models.InviteParentRequest{
|
||||
Email: "a@b.de", ChildFirstName: "Max", ChildLastName: "Mueller",
|
||||
TTClassID: "00000000-0000-0000-0000-000000000001",
|
||||
}, false},
|
||||
{"bad email", models.InviteParentRequest{
|
||||
Email: "not-an-email", ChildFirstName: "Max", ChildLastName: "Mueller",
|
||||
TTClassID: "00000000-0000-0000-0000-000000000001",
|
||||
}, true},
|
||||
{"missing child", models.InviteParentRequest{
|
||||
Email: "a@b.de", TTClassID: "00000000-0000-0000-0000-000000000001",
|
||||
}, true},
|
||||
{"bad class uuid", models.InviteParentRequest{
|
||||
Email: "a@b.de", ChildFirstName: "Max", ChildLastName: "Mueller",
|
||||
TTClassID: "not-a-uuid",
|
||||
}, true},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if (validate.Struct(tt.req) != nil) != tt.wantErr {
|
||||
t.Errorf("unexpected validation outcome for %s", tt.name)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user