Add server components

server/unified-management/internal/auth/auth_test.go

@@ -0,0 +1,48 @@
+package auth
+
+import (
+	"context"
+	"testing"
+
+	"ymhut-box/server/unified-management/internal/config"
+	"ymhut-box/server/unified-management/internal/db"
+)
+
+func TestBootstrapShowsDefaultPasswordOnlyBeforeChange(t *testing.T) {
+	root := t.TempDir()
+	cfg := &config.Config{
+		StorageDir: root,
+		Database: config.DatabaseConfig{
+			Provider:          "sqlite",
+			SQLitePath:        root + "/test.sqlite",
+			FailoverEnabled:   true,
+			HealthIntervalSec: 3600,
+		},
+	}
+	store, err := db.Open(cfg)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer store.Close()
+	if err := store.EnsureDefaultAdmin(context.Background()); err != nil {
+		t.Fatal(err)
+	}
+	service := NewService(store)
+	payload, err := service.Bootstrap(context.Background())
+	if err != nil {
+		t.Fatal(err)
+	}
+	if payload["isDefaultPassword"] != true || payload["defaultPassword"] != "admin" {
+		t.Fatalf("unexpected bootstrap payload: %#v", payload)
+	}
+	if err := store.ChangeAdminPassword(context.Background(), "admin", "admin", "changed"); err != nil {
+		t.Fatal(err)
+	}
+	payload, err = service.Bootstrap(context.Background())
+	if err != nil {
+		t.Fatal(err)
+	}
+	if payload["isDefaultPassword"] != false || payload["defaultPassword"] != "" {
+		t.Fatalf("default password leaked after change: %#v", payload)
+	}
+}