jjasloot · jjasloot · Sep 30, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,17 +2,26 @@ name: OVDB CI
 
 on:
   push:
+  pull_request:
+    branches: [ master ]
 
 jobs:
   build-frontend:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+          cache-dependency-path: OV_DB/OVDBFrontend/package-lock.json
       - name: Build frontend
         run: |
           cd OV_DB/OVDBFrontend
           npm install
           npm run build
+
   build-backend:
     runs-on: ubuntu-latest
     steps:
@@ -25,3 +34,43 @@ jobs:
         run: |
           cd OV_DB
           dotnet build
+
+  test-unit:
+    runs-on: ubuntu-latest
+    needs: build-backend
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: 9.0.x
+      - name: Run unit tests
+        run: |
+          cd OV_DB.Tests
+          dotnet test --verbosity normal --logger "trx;LogFileName=test-results.trx"
+      - name: Upload test results
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: unit-test-results
+          path: OV_DB.Tests/TestResults/*.trx
+
+  test-integration:
+    runs-on: ubuntu-latest
+    needs: build-backend
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: 9.0.x
+      - name: Run integration tests
+        run: |
+          cd OV_DB.IntegrationTests
+          dotnet test --verbosity normal --logger "trx;LogFileName=integration-test-results.trx"
+      - name: Upload test results
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: integration-test-results
+          path: OV_DB.IntegrationTests/TestResults/*.trx
diff --git a/OVDB.sln b/OVDB.sln
@@ -9,6 +9,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "OV_DB", "OV_DB\OV_DB.csproj
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OV_DB.Tests", "OV_DB.Tests\OV_DB.Tests.csproj", "{C3062B55-D91A-4ADF-B8D6-A4E1C5DB37D0}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OV_DB.IntegrationTests", "OV_DB.IntegrationTests\OV_DB.IntegrationTests.csproj", "{478C49A3-292E-E2C7-D9D4-E4947BA754C9}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -27,6 +29,10 @@ Global
 		{C3062B55-D91A-4ADF-B8D6-A4E1C5DB37D0}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{C3062B55-D91A-4ADF-B8D6-A4E1C5DB37D0}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{C3062B55-D91A-4ADF-B8D6-A4E1C5DB37D0}.Release|Any CPU.Build.0 = Release|Any CPU
+		{478C49A3-292E-E2C7-D9D4-E4947BA754C9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{478C49A3-292E-E2C7-D9D4-E4947BA754C9}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{478C49A3-292E-E2C7-D9D4-E4947BA754C9}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{478C49A3-292E-E2C7-D9D4-E4947BA754C9}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

diff --git a/OV_DB.IntegrationTests/Controllers/AuthenticationControllerIntegrationTests.cs b/OV_DB.IntegrationTests/Controllers/AuthenticationControllerIntegrationTests.cs
@@ -0,0 +1,148 @@
+using Microsoft.Extensions.DependencyInjection;
+using OV_DB.IntegrationTests.Infrastructure;
+using OV_DB.Models;
+using OVDB_database.Database;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Json;
+using System.Threading.Tasks;
+using Xunit;
+
+namespace OV_DB.IntegrationTests.Controllers
+{
+    [Collection("Database")]
+    public class AuthenticationControllerIntegrationTests : IAsyncLifetime
+    {
+        private readonly DatabaseFixture _databaseFixture;
+        private OvdbWebApplicationFactory _factory;
+        private HttpClient _client;
+
+        public AuthenticationControllerIntegrationTests(DatabaseFixture databaseFixture)
+        {
+            _databaseFixture = databaseFixture;
+        }
+
+        public async Task InitializeAsync()
+        {
+            _factory = new OvdbWebApplicationFactory
+            {
+                ConnectionString = _databaseFixture.ConnectionString
+            };
+
+            _client = _factory.CreateClient();
+
+            // Clean database before each test
+            await _databaseFixture.ResetDatabaseAsync();
+        }
+
+        public async Task DisposeAsync()
+        {
+            _client?.Dispose();
+            if (_factory != null)
+            {
+                await _factory.DisposeAsync();
+            }
+        }
+
+        [Fact]
+        public async Task CreateAccount_WithValidData_CreatesUserAndReturnsToken()
+        {
+            // Arrange
+            var createAccountRequest = new
+            {
+                Email = "integration.test@example.com",
+                Password = "Test123!Password"
+            };
+
+            // Act
+            var response = await _client.PostAsJsonAsync("/api/Authentication/register", createAccountRequest);
+
+            // Assert
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+
+            var result = await response.Content.ReadFromJsonAsync<LoginResponse>();
+            Assert.NotNull(result);
+            Assert.NotNull(result.Token);
+            Assert.NotEmpty(result.Token);
+
+            // Verify user was created in database
+            using var scope = _factory.Services.CreateScope();
+            var context = scope.ServiceProvider.GetRequiredService<OVDBDatabaseContext>();
+            var user = context.Users.FirstOrDefault(u => u.Email == "integration.test@example.com");
+            Assert.NotNull(user);
+            Assert.Equal("integration.test@example.com", user.Email);
+        }
+
+        [Fact]
+        public async Task Login_WithValidCredentials_ReturnsToken()
+        {
+            // Arrange - Create a user first
+            var createRequest = new
+            {
+                Email = "login.test@example.com",
+                Password = "Test123!Password"
+            };
+            await _client.PostAsJsonAsync("/api/Authentication/register", createRequest);
+
+            var loginRequest = new
+            {
+                Email = "login.test@example.com",
+                Password = "Test123!Password"
+            };
+
+            // Act
+            var response = await _client.PostAsJsonAsync("/api/Authentication/Login", loginRequest);
+
+            // Assert
+            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
+
+            var result = await response.Content.ReadFromJsonAsync<LoginResponse>();
+            Assert.NotNull(result);
+            Assert.NotNull(result.Token);
+            Assert.NotEmpty(result.Token);
+        }
+
+        [Fact]
+        public async Task Login_WithInvalidCredentials_ReturnsUnauthorized()
+        {
+            // Arrange
+            var loginRequest = new
+            {
+                Email = "nonexistent@example.com",
+                Password = "WrongPassword123!"
+            };
+
+            // Act
+            var response = await _client.PostAsJsonAsync("/api/Authentication/Login", loginRequest);
+
+            // Assert
+            Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode);
+        }
+
+        [Fact]
+        public async Task CreateAccount_WithDuplicateEmail_ReturnsBadRequest()
+        {
+            // Arrange - Create first user
+            var firstRequest = new
+            {
+                Email = "duplicate@example.com",
+                Password = "Test123!Password"
+            };
+            await _client.PostAsJsonAsync("/api/Authentication/register", firstRequest);
+
+            // Try to create duplicate
+            var duplicateRequest = new
+            {
+                Email = "duplicate@example.com",
+                Password = "DifferentPassword123!"
+            };
+
+            // Act
+            var response = await _client.PostAsJsonAsync("/api/Authentication/register", duplicateRequest);
+
+            // Assert
+            Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
+        }
+    }
+}