refactor: reorganize test suite, add integration tests for NAT filter

- Move integration tests (api, network, phase2, smoke) to tests/integration/ - Move Playwright specs (captive-portal, interop-happy-path) to tests/e2e/ - Move playwright.config.mjs to tests/e2e/ - Fix hardcoded IP fallbacks: 192.168.4.1 → 10.192.45.1 - Add test-reset-auth.mjs: reset→pay→allow→revoke→block cycle - Add test-session-expiry.mjs: pay→wait 65s→verify blocked (slow test) - Add test-dns-firewall.mjs: DNS hijack/forward + per-client NAT filter - Update Makefile with test-unit, test-integration, test-e2e, test-all targets - Update package.json scripts for new paths - Fix Playwright video: retain-on-failure instead of always-on - Update AGENTS.md: per-client NAT filter description - Update CHECKLIST.md: mark completed items, add Board B identity - Board B nsec: 9af47906... → SSID TollGate-b96d80, AP IP 10.185.47.1 - 186 unit tests passing
author: Your Name <you@example.com> 2026-05-17 17:18:43 +0530
committer: Your Name <you@example.com> 2026-05-17 17:18:43 +0530
commit: 8071741815f0b0938701e80a63e80b0ec94b2778 (patch)
tree: 2a1511480e0b58f4efb144aa9d10c9fba5eed034 /tests/integration/test-session-expiry.mjs
parent: 0c2c67b463d6a90aaa0bb69bf3c91dba1d9ec3ec (diff)
1 files changed, 103 insertions, 0 deletions
diff --git a/tests/integration/test-session-expiry.mjs b/tests/integration/test-session-expiry.mjs
new file mode 100644
index 0000000..c8334ab
--- /dev/null
+++ b/tests/integration/test-session-expiry.mjs
@@ -0,0 +1,103 @@
+import { execSync } from 'child_process';
+const IP = process.env.TOLLGATE_IP || '10.192.45.1';
+const API = `http://${IP}:2121`;
+let passed = 0, failed = 0;
+function assert(cond, msg) {
+  if (cond) { console.log(`  ✓ ${msg}`); passed++; }
+  else { console.log(`  ✗ ${msg}`); failed++; }
+}
+function run(cmd) {
+  try { return execSync(cmd, { encoding: 'utf8', timeout: 15000 }); }
+  catch { return null; }
+}
+function runJson(cmd) {
+  const out = run(cmd);
+  try { return out ? JSON.parse(out) : null; }
+  catch { return null; }
+}
+function sleep(ms) { return new Promise(r => setTimeout(r, ms)); }
+function mintToken(amount = 21) {
+  run('cashu -h https://testnut.cashu.space invoice ' + amount + ' 2>&1');
+  const out = run('cashu -h https://testnut.cashu.space send --legacy ' + amount + ' 2>&1');
+  const match = out && out.match(/cashuA[a-zA-Z0-9_-]+/);
+  return match ? match[0] : null;
+}
+function canPing(host = '8.8.8.8') {
+  const result = run(`ping -c 1 -W 2 -I wlp59s0 ${host} 2>/dev/null`);
+  return result && !result.includes('100% packet loss');
+}
+console.log(`\n=== Session Expiry Integration Test (target: ${IP}) ===`);
+console.log(`NOTE: This test waits 65s for session expiry. Total runtime ~80s.\n`);
+console.log('1. Reset auth');
+run(`curl -s --connect-timeout 10 http://${IP}/reset_authentication`);
+await sleep(1000);
+console.log('\n2. Verify blocked before payment');
+assert(!canPing(), 'Ping blocked before payment');
+const usage0 = run(`curl -s --connect-timeout 10 ${API}/usage`);
+assert(usage0 && usage0.includes('-1/-1'), 'Usage is -1/-1');
+console.log('\n3. Pay with valid token (21 sats = 60000ms)');
+const token = mintToken(21);
+assert(token !== null, 'Token generated');
+if (token) {
+  const payResult = runJson(`curl -s --connect-timeout 20 -X POST --data-binary '${token}' -H "Content-Type: application/cashu" ${API}/`);
+  assert(payResult && payResult.kind === 1022, 'Payment accepted');
+}
+await sleep(1000);
+console.log('\n4. Verify session active');
+const usage1 = run(`curl -s --connect-timeout 10 ${API}/usage`);
+assert(usage1 && !usage1.includes('-1/-1'), `Usage: ${usage1}`);
+console.log('\n5. Verify internet works');
+assert(canPing(), 'Ping works with active session');
+const httpResult = run(`curl -s --connect-timeout 10 -m 10 --interface wlp59s0 http://1.1.1.1/ 2>/dev/null`);
+assert(httpResult && httpResult.length > 0, 'HTTP request reaches internet');
+console.log('\n6. Waiting 65s for session expiry (allotment=60000ms)...');
+for (let i = 65; i > 0; i -= 5) {
+  process.stdout.write(`\r  ${i}s remaining...`);
+  await sleep(Math.min(5000, i * 1000));
+}
+console.log('\r  Session should be expired now.         ');
+console.log('\n7. Verify session expired');
+const usage2 = run(`curl -s --connect-timeout 10 ${API}/usage`);
+assert(usage2 && usage2.includes('-1/-1'), `Usage after expiry: ${usage2}`);
+console.log('\n8. Verify internet blocked after expiry');
+assert(!canPing(), 'Ping blocked after session expiry');
+const httpResult2 = run(`curl -s --connect-timeout 5 -m 5 --interface wlp59s0 http://1.1.1.1/ 2>/dev/null`);
+assert(!httpResult2 || httpResult2.length === 0, 'HTTP blocked after expiry');
+console.log('\n9. Pay again to verify renewal works');
+const token2 = mintToken(21);
+if (token2) {
+  const pay2 = runJson(`curl -s --connect-timeout 20 -X POST --data-binary '${token2}' -H "Content-Type: application/cashu" ${API}/`);
+  assert(pay2 && pay2.kind === 1022, 'Renewal payment accepted');
+}
+await sleep(1000);
+console.log('\n10. Verify internet works after renewal');
+assert(canPing(), 'Ping works after renewal');
+run(`curl -s --connect-timeout 10 http://${IP}/reset_authentication`);
+console.log(`\n=== Results: ${passed} passed, ${failed} failed ===\n`);
+process.exit(failed > 0 ? 1 : 0);
author	Your Name <you@example.com>	2026-05-17 17:18:43 +0530
committer	Your Name <you@example.com>	2026-05-17 17:18:43 +0530
commit	8071741815f0b0938701e80a63e80b0ec94b2778 (patch)
tree	2a1511480e0b58f4efb144aa9d10c9fba5eed034 /tests/integration/test-session-expiry.mjs
parent	0c2c67b463d6a90aaa0bb69bf3c91dba1d9ec3ec (diff)

diff --git a/tests/integration/test-session-expiry.mjs b/tests/integration/test-session-expiry.mjs new file mode 100644 index 0000000..c8334ab --- /dev/null +++ b/tests/integration/test-session-expiry.mjs
@@ -0,0 +1,103 @@
	1	import { execSync } from 'child_process';
	2
	3	const IP = process.env.TOLLGATE_IP \|\| '10.192.45.1';
	4	const API = `http://${IP}:2121`;
	5	let passed = 0, failed = 0;
	6
	7	function assert(cond, msg) {
	8	if (cond) { console.log(` ✓ ${msg}`); passed++; }
	9	else { console.log(` ✗ ${msg}`); failed++; }
	10	}
	11
	12	function run(cmd) {
	13	try { return execSync(cmd, { encoding: 'utf8', timeout: 15000 }); }
	14	catch { return null; }
	15	}
	16
	17	function runJson(cmd) {
	18	const out = run(cmd);
	19	try { return out ? JSON.parse(out) : null; }
	20	catch { return null; }
	21	}
	22
	23	function sleep(ms) { return new Promise(r => setTimeout(r, ms)); }
	24
	25	function mintToken(amount = 21) {
	26	run('cashu -h https://testnut.cashu.space invoice ' + amount + ' 2>&1');
	27	const out = run('cashu -h https://testnut.cashu.space send --legacy ' + amount + ' 2>&1');
	28	const match = out && out.match(/cashuA[a-zA-Z0-9_-]+/);
	29	return match ? match[0] : null;
	30	}
	31
	32	function canPing(host = '8.8.8.8') {
	33	const result = run(`ping -c 1 -W 2 -I wlp59s0 ${host} 2>/dev/null`);
	34	return result && !result.includes('100% packet loss');
	35	}
	36
	37	console.log(`\n=== Session Expiry Integration Test (target: ${IP}) ===`);
	38	console.log(`NOTE: This test waits 65s for session expiry. Total runtime ~80s.\n`);
	39
	40	console.log('1. Reset auth');
	41	run(`curl -s --connect-timeout 10 http://${IP}/reset_authentication`);
	42
	43	await sleep(1000);
	44
	45	console.log('\n2. Verify blocked before payment');
	46	assert(!canPing(), 'Ping blocked before payment');
	47
	48	const usage0 = run(`curl -s --connect-timeout 10 ${API}/usage`);
	49	assert(usage0 && usage0.includes('-1/-1'), 'Usage is -1/-1');
	50
	51	console.log('\n3. Pay with valid token (21 sats = 60000ms)');
	52	const token = mintToken(21);
	53	assert(token !== null, 'Token generated');
	54	if (token) {
	55	const payResult = runJson(`curl -s --connect-timeout 20 -X POST --data-binary '${token}' -H "Content-Type: application/cashu" ${API}/`);
	56	assert(payResult && payResult.kind === 1022, 'Payment accepted');
	57	}
	58
	59	await sleep(1000);
	60
	61	console.log('\n4. Verify session active');
	62	const usage1 = run(`curl -s --connect-timeout 10 ${API}/usage`);
	63	assert(usage1 && !usage1.includes('-1/-1'), `Usage: ${usage1}`);
	64
	65	console.log('\n5. Verify internet works');
	66	assert(canPing(), 'Ping works with active session');
	67
	68	const httpResult = run(`curl -s --connect-timeout 10 -m 10 --interface wlp59s0 http://1.1.1.1/ 2>/dev/null`);
	69	assert(httpResult && httpResult.length > 0, 'HTTP request reaches internet');
	70
	71	console.log('\n6. Waiting 65s for session expiry (allotment=60000ms)...');
	72	for (let i = 65; i > 0; i -= 5) {
	73	process.stdout.write(`\r ${i}s remaining...`);
	74	await sleep(Math.min(5000, i * 1000));
	75	}
	76	console.log('\r Session should be expired now. ');
	77
	78	console.log('\n7. Verify session expired');
	79	const usage2 = run(`curl -s --connect-timeout 10 ${API}/usage`);
	80	assert(usage2 && usage2.includes('-1/-1'), `Usage after expiry: ${usage2}`);
	81
	82	console.log('\n8. Verify internet blocked after expiry');
	83	assert(!canPing(), 'Ping blocked after session expiry');
	84
	85	const httpResult2 = run(`curl -s --connect-timeout 5 -m 5 --interface wlp59s0 http://1.1.1.1/ 2>/dev/null`);
	86	assert(!httpResult2 \|\| httpResult2.length === 0, 'HTTP blocked after expiry');
	87
	88	console.log('\n9. Pay again to verify renewal works');
	89	const token2 = mintToken(21);
	90	if (token2) {
	91	const pay2 = runJson(`curl -s --connect-timeout 20 -X POST --data-binary '${token2}' -H "Content-Type: application/cashu" ${API}/`);
	92	assert(pay2 && pay2.kind === 1022, 'Renewal payment accepted');
	93	}
	94
	95	await sleep(1000);
	96
	97	console.log('\n10. Verify internet works after renewal');
	98	assert(canPing(), 'Ping works after renewal');
	99
	100	run(`curl -s --connect-timeout 10 http://${IP}/reset_authentication`);
	101
	102	console.log(`\n=== Results: ${passed} passed, ${failed} failed ===\n`);
	103	process.exit(failed > 0 ? 1 : 0);