fix: Login secret text transmission (#29659)

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: -LAN- <laipz8200@outlook.com>
2025-12-16 16:55:51 +08:00
parent ae4a9040df
commit b7649f61f8
14 changed files with 417 additions and 24 deletions
--- a/api/tests/unit_tests/libs/test_encryption.py
+++ b/api/tests/unit_tests/libs/test_encryption.py
@@ -0,0 +1,150 @@
+"""
+Unit tests for field encoding/decoding utilities.
+
+These tests verify Base64 encoding/decoding functionality and
+proper error handling and fallback behavior.
+"""
+
+import base64
+
+from libs.encryption import FieldEncryption
+
+
+class TestDecodeField:
+    """Test cases for field decoding functionality."""
+
+    def test_decode_valid_base64(self):
+        """Test decoding a valid Base64 encoded string."""
+        plaintext = "password123"
+        encoded = base64.b64encode(plaintext.encode("utf-8")).decode()
+
+        result = FieldEncryption.decrypt_field(encoded)
+        assert result == plaintext
+
+    def test_decode_non_base64_returns_none(self):
+        """Test that non-base64 input returns None."""
+        non_base64 = "plain-password-!@#"
+        result = FieldEncryption.decrypt_field(non_base64)
+        # Should return None (decoding failed)
+        assert result is None
+
+    def test_decode_unicode_text(self):
+        """Test decoding Base64 encoded Unicode text."""
+        plaintext = "密码Test123"
+        encoded = base64.b64encode(plaintext.encode("utf-8")).decode()
+
+        result = FieldEncryption.decrypt_field(encoded)
+        assert result == plaintext
+
+    def test_decode_empty_string(self):
+        """Test decoding an empty string returns empty string."""
+        result = FieldEncryption.decrypt_field("")
+        # Empty string base64 decodes to empty string
+        assert result == ""
+
+    def test_decode_special_characters(self):
+        """Test decoding with special characters."""
+        plaintext = "P@ssw0rd!#$%^&*()"
+        encoded = base64.b64encode(plaintext.encode("utf-8")).decode()
+
+        result = FieldEncryption.decrypt_field(encoded)
+        assert result == plaintext
+
+
+class TestDecodePassword:
+    """Test cases for password decoding."""
+
+    def test_decode_password_base64(self):
+        """Test decoding a Base64 encoded password."""
+        password = "SecureP@ssw0rd!"
+        encoded = base64.b64encode(password.encode("utf-8")).decode()
+
+        result = FieldEncryption.decrypt_password(encoded)
+        assert result == password
+
+    def test_decode_password_invalid_returns_none(self):
+        """Test that invalid base64 passwords return None."""
+        invalid = "PlainPassword!@#"
+        result = FieldEncryption.decrypt_password(invalid)
+        # Should return None (decoding failed)
+        assert result is None
+
+
+class TestDecodeVerificationCode:
+    """Test cases for verification code decoding."""
+
+    def test_decode_code_base64(self):
+        """Test decoding a Base64 encoded verification code."""
+        code = "789012"
+        encoded = base64.b64encode(code.encode("utf-8")).decode()
+
+        result = FieldEncryption.decrypt_verification_code(encoded)
+        assert result == code
+
+    def test_decode_code_invalid_returns_none(self):
+        """Test that invalid base64 codes return None."""
+        invalid = "123456"  # Plain 6-digit code, not base64
+        result = FieldEncryption.decrypt_verification_code(invalid)
+        # Should return None (decoding failed)
+        assert result is None
+
+
+class TestRoundTripEncodingDecoding:
+    """
+    Integration tests for complete encoding-decoding cycle.
+    These tests simulate the full frontend-to-backend flow using Base64.
+    """
+
+    def test_roundtrip_password(self):
+        """Test encoding and decoding a password."""
+        original_password = "SecureP@ssw0rd!"
+
+        # Simulate frontend encoding (Base64)
+        encoded = base64.b64encode(original_password.encode("utf-8")).decode()
+
+        # Backend decoding
+        decoded = FieldEncryption.decrypt_password(encoded)
+
+        assert decoded == original_password
+
+    def test_roundtrip_verification_code(self):
+        """Test encoding and decoding a verification code."""
+        original_code = "123456"
+
+        # Simulate frontend encoding
+        encoded = base64.b64encode(original_code.encode("utf-8")).decode()
+
+        # Backend decoding
+        decoded = FieldEncryption.decrypt_verification_code(encoded)
+
+        assert decoded == original_code
+
+    def test_roundtrip_unicode_password(self):
+        """Test encoding and decoding password with Unicode characters."""
+        original_password = "密码Test123!@#"
+
+        # Frontend encoding
+        encoded = base64.b64encode(original_password.encode("utf-8")).decode()
+
+        # Backend decoding
+        decoded = FieldEncryption.decrypt_password(encoded)
+
+        assert decoded == original_password
+
+    def test_roundtrip_long_password(self):
+        """Test encoding and decoding a long password."""
+        original_password = "ThisIsAVeryLongPasswordWithLotsOfCharacters123!@#$%^&*()"
+
+        encoded = base64.b64encode(original_password.encode("utf-8")).decode()
+        decoded = FieldEncryption.decrypt_password(encoded)
+
+        assert decoded == original_password
+
+    def test_roundtrip_with_whitespace(self):
+        """Test encoding and decoding with whitespace."""
+        original_password = "pass word with spaces"
+
+        encoded = base64.b64encode(original_password.encode("utf-8")).decode()
+        decoded = FieldEncryption.decrypt_field(encoded)
+
+        assert decoded == original_password