kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

merge feat/304-userfront-wasm-e2e into dev

Browse Source
This commit is contained in:
Lectom C Han
2026-02-24 15:40:51 +09:00
parent bc07619452 aeb418fb9f
commit 8a074f16e7
55 changed files with 3425 additions and 431 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
userfront/assets/translations/ko.toml
View File

@@ -54,12 +54,12 @@ empty_detail = "앱을 연동하면 최근 활동과 상태가 표시됩니다."
error = "연동 정보를 불러오지 못했습니다."
[msg.userfront.dashboard.approved_session]
copy_click = "{label}: {id}\\\\\\\\n클릭하면 복사됩니다."
copy_tap = "{label}: {id}\\\\\\\\n탭하면 복사됩니다."
copy_click = "{label}: {id} \\n클릭하면 복사됩니다."
copy_tap = "{label}: {id} \\n탭하면 복사됩니다."
none = "{label} 없음"
[msg.userfront.dashboard.revoke]
confirm = "{app} 앱과의 연동을 해지하시겠습니까?\\\\\\\\n해지하면 다음 로그인 시 다시 동의가 필요합니다."
confirm = "{app} 앱과의 연동을 해지하시겠습니까? \\n해지하면 다음 로그인 시 다시 동의가 필요합니다."
error = "해지 실패: {error}"
success = "{app} 연동이 해지되었습니다."

21
userfront/lib/core/services/auth_proxy_service.dart
View File

@@ -4,6 +4,7 @@ import 'package:flutter_dotenv/flutter_dotenv.dart';
import 'package:userfront/i18n.dart';
import 'http_client.dart';
import 'auth_token_store.dart';
import 'log_policy.dart';
class AuthProxyService {
static String _envOrDefault(String key, String fallback) {
@@ -793,12 +794,30 @@ class AuthProxyService {
if (!_canSendClientLog()) {
return;
}
final appEnv = _envOrDefault('APP_ENV', 'dev');
final productionDebugFlag = _envOrDefault(
'CLIENT_LOG_DEBUG',
_envOrDefault('USERFRONT_DEBUG_LOG', ''),
);
if (!LogPolicy.shouldRelayClientLog(
level: level,
appEnv: appEnv,
productionDebugFlag: productionDebugFlag,
)) {
return;
}
final url = Uri.parse('$_baseUrl/api/v1/client-log');
final sanitizedMessage = LogPolicy.sanitizeMessage(message);
final sanitizedData = data == null ? null : LogPolicy.sanitizeData(data);
try {
await http.post(
url,
headers: {'Content-Type': 'application/json'},
body: jsonEncode({'level': level, 'message': message, 'data': ?data}),
body: jsonEncode({
'level': level,
'message': sanitizedMessage,
if (sanitizedData != null) 'data': sanitizedData,
}),
);
_recordClientLogSuccess();
} catch (_) {

123
userfront/lib/core/services/log_policy.dart Normal file
View File

@@ -0,0 +1,123 @@
class LogPolicy {
static const Set<String> _sensitiveKeys = {
'password',
'currentpassword',
'newpassword',
'oldpassword',
'token',
'accesstoken',
'refreshtoken',
'secret',
'clientsecret',
'authorization',
'cookie',
'setcookie',
'verificationcode',
'code',
'loginchallenge',
'loginverifier',
'sessionjwt',
'accessjwt',
'refreshjwt',
};
static bool isProductionEnv(String? appEnv) {
final env = (appEnv ?? '').trim().toLowerCase();
return env == 'prod' || env == 'production';
}
static bool parseBoolFlag(String? raw) {
final value = (raw ?? '').trim().toLowerCase();
return value == '1' ||
value == 'true' ||
value == 'yes' ||
value == 'y' ||
value == 'on';
}
static bool debugEnabled({
required String? appEnv,
required String? productionDebugFlag,
}) {
if (!isProductionEnv(appEnv)) {
return true;
}
return parseBoolFlag(productionDebugFlag);
}
static bool shouldRelayClientLog({
required String level,
required String? appEnv,
required String? productionDebugFlag,
}) {
if (debugEnabled(
appEnv: appEnv,
productionDebugFlag: productionDebugFlag,
)) {
return true;
}
final normalized = level.trim().toUpperCase();
return normalized == 'SEVERE' ||
normalized == 'ERROR' ||
normalized == 'WARNING' ||
normalized == 'WARN';
}
static String sanitizeMessage(String message) {
if (message.trim().isEmpty) {
return message;
}
var sanitized = message.replaceAllMapped(
RegExp(
r'"(password|currentpassword|newpassword|oldpassword|token|accesstoken|refreshtoken|secret|clientsecret|authorization|cookie|setcookie|verificationcode|code|loginchallenge|loginverifier|sessionjwt|accessjwt|refreshjwt)"\s*:\s*"[^"]*"',
caseSensitive: false,
),
(match) {
final key = match.group(1) ?? 'sensitive';
return '"$key":"*****"';
},
);
sanitized = sanitized.replaceAllMapped(
RegExp(
r'\b(password|current_password|currentpassword|new_password|newpassword|old_password|oldpassword|token|access_token|accesstoken|refresh_token|refreshtoken|authorization|cookie|session_jwt|sessionjwt|access_jwt|accessjwt|refresh_jwt|refreshjwt)\b\s*[:=]\s*([^\s,;]+)',
caseSensitive: false,
),
(match) {
final key = match.group(1) ?? 'sensitive';
return '$key=*****';
},
);
return sanitized;
}
static Map<String, dynamic> sanitizeData(Map<String, dynamic> input) {
final output = <String, dynamic>{};
for (final entry in input.entries) {
if (_isSensitiveKey(entry.key)) {
output[entry.key] = '*****';
} else {
output[entry.key] = _sanitizeValue(entry.value);
}
}
return output;
}
static dynamic _sanitizeValue(dynamic value) {
if (value is Map<String, dynamic>) {
return sanitizeData(value);
}
if (value is List) {
return value.map(_sanitizeValue).toList(growable: false);
}
if (value is String) {
return sanitizeMessage(value);
}
return value;
}
static bool _isSensitiveKey(String key) {
var normalized = key.trim().toLowerCase();
normalized = normalized.replaceAll(RegExp(r'[-_.\s]'), '');
return _sensitiveKeys.contains(normalized);
}
}

42
userfront/lib/core/services/logger_service.dart
View File

@@ -1,8 +1,10 @@
import 'dart:convert';
import 'package:flutter/foundation.dart';
import 'package:flutter_dotenv/flutter_dotenv.dart';
import 'package:logging/logging.dart' as std_log;
import 'package:logger/logger.dart' as pretty_log;
import 'auth_proxy_service.dart';
import 'log_policy.dart';
/// Global Logger Service for Baron SSO Frontend
class LoggerService {
@@ -10,8 +12,20 @@ class LoggerService {
factory LoggerService() => _instance;
late final pretty_log.Logger _prettyLogger;
late final String _appEnv;
late final String _productionDebugFlag;
LoggerService._internal() {
_appEnv = _envOrDefault('APP_ENV', 'dev');
_productionDebugFlag = _envOrDefault(
'CLIENT_LOG_DEBUG',
_envOrDefault('USERFRONT_DEBUG_LOG', ''),
);
final debugEnabled = LogPolicy.debugEnabled(
appEnv: _appEnv,
productionDebugFlag: _productionDebugFlag,
);
// 1. Initialize Pretty Logger for Dev
_prettyLogger = pretty_log.Logger(
printer: pretty_log.PrettyPrinter(
@@ -25,9 +39,9 @@ class LoggerService {
);
// 2. Configure Standard Logger (logging package)
std_log.Logger.root.level = kReleaseMode
? std_log.Level.WARNING
: std_log.Level.ALL;
std_log.Logger.root.level = debugEnabled
? std_log.Level.ALL
: std_log.Level.WARNING;
std_log.Logger.root.onRecord.listen((record) {
if (kReleaseMode) {
@@ -40,6 +54,17 @@ class LoggerService {
});
}
static String _envOrDefault(String key, String fallback) {
if (!dotenv.isInitialized) {
return fallback;
}
final value = dotenv.env[key];
if (value == null || value.trim().isEmpty) {
return fallback;
}
return value;
}
/// Initialize the logger. Call this in main.dart
static void init() {
// Accessing the instance triggers the constructor
@@ -64,10 +89,11 @@ class LoggerService {
}
void _logJson(std_log.LogRecord record) {
final sanitizedMessage = LogPolicy.sanitizeMessage(record.message);
final logData = {
'time': record.time.toUtc().toIso8601String(), // Use UTC for consistency
'level': record.level.name,
'msg': record.message,
'msg': sanitizedMessage,
'svc': 'baron-userfront',
if (record.error != null) 'error': record.error.toString(),
if (record.stackTrace != null) 'stack': record.stackTrace.toString(),
@@ -77,10 +103,14 @@ class LoggerService {
debugPrint(jsonEncode(logData));
// 2. Relay to Backend (Docker Terminal)
if (record.level >= std_log.Level.WARNING) {
if (LogPolicy.shouldRelayClientLog(
level: record.level.name,
appEnv: _appEnv,
productionDebugFlag: _productionDebugFlag,
)) {
AuthProxyService.sendLog(
record.level.name,
record.message,
sanitizedMessage,
data: {
'client_time': record.time.toUtc().toIso8601String(),
'logger': record.loggerName,

9
userfront/lib/features/auth/presentation/login_screen.dart
View File

@@ -1361,6 +1361,9 @@ class _LoginScreenState extends ConsumerState<LoginScreen>
child: Column(
children: [
TextField(
key: const ValueKey(
'password_login_id_input',
),
controller: _passwordLoginIdController,
decoration: InputDecoration(
labelText: tr(
@@ -1375,6 +1378,9 @@ class _LoginScreenState extends ConsumerState<LoginScreen>
),
const SizedBox(height: 16),
TextField(
key: const ValueKey(
'password_login_password_input',
),
controller: _passwordController,
obscureText: true,
decoration: InputDecoration(
@@ -1390,6 +1396,9 @@ class _LoginScreenState extends ConsumerState<LoginScreen>
),
const SizedBox(height: 24),
FilledButton(
key: const ValueKey(
'password_login_submit_button',
),
onPressed: _handlePasswordLogin,
style: FilledButton.styleFrom(
minimumSize: const Size.fromHeight(50),

3
userfront/lib/features/auth/presentation/reset_password_screen.dart
View File

@@ -192,6 +192,7 @@ class _ResetPasswordScreenState extends State<ResetPasswordScreen> {
),
const SizedBox(height: 40),
TextFormField(
key: const ValueKey('reset_password_new_input'),
controller: _passwordController,
obscureText: _isPasswordObscured,
decoration: InputDecoration(
@@ -263,6 +264,7 @@ class _ResetPasswordScreenState extends State<ResetPasswordScreen> {
),
const SizedBox(height: 16),
TextFormField(
key: const ValueKey('reset_password_confirm_input'),
controller: _confirmPasswordController,
obscureText: _isConfirmPasswordObscured,
decoration: InputDecoration(
@@ -292,6 +294,7 @@ class _ResetPasswordScreenState extends State<ResetPasswordScreen> {
),
const SizedBox(height: 24),
FilledButton(
key: const ValueKey('reset_password_submit_button'),
onPressed: _isLoading ? null : _handlePasswordReset,
style: FilledButton.styleFrom(
minimumSize: const Size.fromHeight(50),

60
userfront/lib/features/dashboard/presentation/dashboard_screen.dart
View File

@@ -1,5 +1,6 @@
import 'dart:async';
import 'dart:convert';
import 'dart:math' as math;
import 'package:flutter/material.dart';
import 'package:flutter/services.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';
@@ -31,6 +32,9 @@ class _DashboardScreenState extends ConsumerState<DashboardScreen> {
static const _surface = Colors.white;
static const _border = Color(0xFFE5E7EB);
static const _subtle = Color(0xFFF7F8FA);
static const double _historySessionMinWidth = 92;
static const double _historyOtherColumnsBaselineWidth = 780;
static const int _historySessionMinVisibleChars = 8;
final ScrollController _pageScrollController = ScrollController();
final ScrollController _rpScrollController = ScrollController();
@@ -1370,6 +1374,9 @@ class _DashboardScreenState extends ConsumerState<DashboardScreen> {
children: [
LayoutBuilder(
builder: (context, constraints) {
final sessionColumnWidth = _historySessionColumnWidth(
constraints.maxWidth,
);
return SingleChildScrollView(
scrollDirection: Axis.horizontal,
child: ConstrainedBox(
@@ -1379,10 +1386,13 @@ class _DashboardScreenState extends ConsumerState<DashboardScreen> {
horizontalMargin: 12,
columns: [
DataColumn(
label: Text(
tr(
'ui.userfront.audit.table.session_id',
fallback: 'Session ID',
label: SizedBox(
width: sessionColumnWidth,
child: Text(
tr(
'ui.userfront.audit.table.session_id',
fallback: 'Session ID',
),
),
),
),
@@ -1426,10 +1436,14 @@ class _DashboardScreenState extends ConsumerState<DashboardScreen> {
return DataRow(
cells: [
DataCell(
_selectableText(
log.sessionId.isEmpty
? tr('ui.common.hyphen', fallback: '-')
: log.sessionId,
SizedBox(
width: sessionColumnWidth,
child: _buildHistorySessionIdCell(
log.sessionId.isEmpty
? tr('ui.common.hyphen', fallback: '-')
: log.sessionId,
sessionColumnWidth,
),
),
),
DataCell(
@@ -1474,6 +1488,36 @@ class _DashboardScreenState extends ConsumerState<DashboardScreen> {
);
}
double _historySessionColumnWidth(double maxWidth) {
return math.max(
_historySessionMinWidth,
maxWidth - _historyOtherColumnsBaselineWidth,
);
}
String _compactSessionId(String sessionId) {
if (sessionId.length <= _historySessionMinVisibleChars) {
return sessionId;
}
return '${sessionId.substring(0, _historySessionMinVisibleChars)}...';
}
Widget _buildHistorySessionIdCell(String sessionId, double columnWidth) {
final compactMode = columnWidth <= _historySessionMinWidth + 0.5;
final displayText = compactMode ? _compactSessionId(sessionId) : sessionId;
final textWidget = Text(
displayText,
maxLines: 1,
softWrap: false,
overflow: TextOverflow.ellipsis,
);
if (displayText == sessionId) {
return textWidget;
}
return Tooltip(message: sessionId, child: textWidget);
}
Widget _buildHistoryList(AuthTimelineState state) {
return _buildHistoryContainer(
child: Column(

117
userfront/lib/features/profile/presentation/pages/profile_page.dart
View File

@@ -1,6 +1,7 @@
import 'package:flutter/material.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import 'package:go_router/go_router.dart';
import 'package:logging/logging.dart';
import 'package:userfront/i18n.dart';
import '../../../../core/notifiers/auth_notifier.dart';
import '../../../../core/i18n/locale_utils.dart';
@@ -22,6 +23,7 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
static const _surface = Colors.white;
static const _border = Color(0xFFE5E7EB);
static const _subtle = Color(0xFFF7F8FA);
static final _log = Logger('ProfilePage');
UserProfile? _cachedProfile;
String? _editingField;
@@ -41,6 +43,7 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
bool _phoneTouched = false;
bool _phoneCodeTouched = false;
bool _isSavingField = false;
String? _skipAutoSaveField;
String _initialPhone = '';
bool _isPhoneChanged = false;
@@ -64,6 +67,22 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
_phoneCodeFocus.addListener(_onPhoneCodeFocusChange);
}
void _debugLog(
String event, {
String? field,
String? reason,
bool? changed,
bool? hasFocus,
}) {
final parts = <String>['event=$event'];
if (field != null) parts.add('field=$field');
if (reason != null) parts.add('reason=$reason');
if (changed != null) parts.add('changed=$changed');
if (hasFocus != null) parts.add('hasFocus=$hasFocus');
if (_editingField != null) parts.add('editing=$_editingField');
_log.fine(parts.join(' '));
}
void _onNameFocusChange() {
if (!mounted) return;
if (!_nameFocus.hasFocus && _nameTouched) {
@@ -76,6 +95,11 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
void _onDepartmentFocusChange() {
if (!mounted) return;
_debugLog(
'department_focus_change',
field: 'department',
hasFocus: _departmentFocus.hasFocus,
);
if (!_departmentFocus.hasFocus && _departmentTouched) {
final profile = ref.read(profileProvider).value ?? _cachedProfile;
if (profile != null) _autoSaveIfEditing(profile, 'department');
@@ -179,6 +203,7 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
}
void _startEditing(String field, UserProfile profile) {
_debugLog('start_editing', field: field);
setState(() {
_editingField = field;
if (field == 'name') {
@@ -354,9 +379,26 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
void _autoSaveIfEditing(UserProfile profile, String field) {
if (_editingField != field) return;
if (_isVerifying) return;
if (_isSavingField) return;
if (_skipAutoSaveField == field) {
_debugLog('autosave_skip', field: field, reason: 'skip_flag');
_skipAutoSaveField = null;
return;
}
if (_isVerifying) {
_debugLog('autosave_skip', field: field, reason: 'verifying');
return;
}
if (_isSavingField) {
_debugLog('autosave_skip', field: field, reason: 'saving_in_flight');
return;
}
if (!_hasFieldChanged(profile, field)) {
_debugLog(
'autosave_skip',
field: field,
reason: 'unchanged',
changed: false,
);
setState(() {
if (field == 'phone') {
_resetPhoneState();
@@ -370,11 +412,16 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
});
return;
}
_debugLog('autosave_trigger', field: field, changed: true);
_saveField(profile);
}
void _handlePhoneFocusChange(UserProfile profile) {
if (_editingField != 'phone') return;
if (_skipAutoSaveField == 'phone') {
_skipAutoSaveField = null;
return;
}
if (_isVerifying) return;
if (_isSavingField) return;
if (_phoneFocus.hasFocus || _phoneCodeFocus.hasFocus) return;
@@ -403,25 +450,33 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
Future<void> _saveField(UserProfile profile) async {
if (_editingField == null) return;
if (_isSavingField) return;
if (_isSavingField) {
_debugLog('save_skip', reason: 'saving_in_flight');
return;
}
final currentField = _editingField!;
final nextName = _editingField == 'name'
final nextName = currentField == 'name'
? _nameController!.text.trim()
: profile.name;
final nextPhone = _editingField == 'phone'
final nextPhone = currentField == 'phone'
? _phoneController!.text.trim()
: profile.phone;
final nextDepartment = _editingField == 'department'
final nextDepartment = currentField == 'department'
? _departmentController!.text.trim()
: profile.department;
if (_editingField == 'name' && nextName.isEmpty) {
_debugLog('save_attempt', field: currentField);
if (currentField == 'name' && nextName.isEmpty) {
_debugLog('save_skip', field: currentField, reason: 'empty_name');
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(content: Text(tr('msg.userfront.profile.name_required'))),
);
return;
}
if (_editingField == 'department' && nextDepartment.isEmpty) {
if (currentField == 'department' && nextDepartment.isEmpty) {
_debugLog('save_skip', field: currentField, reason: 'empty_department');
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
content: Text(tr('msg.userfront.profile.department_required')),
@@ -429,14 +484,20 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
);
return;
}
if (_editingField == 'phone') {
if (currentField == 'phone') {
if (nextPhone.isEmpty) {
_debugLog('save_skip', field: currentField, reason: 'empty_phone');
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(content: Text(tr('msg.userfront.profile.phone_required'))),
);
return;
}
if (_isPhoneChanged && !_isPhoneVerified) {
_debugLog(
'save_skip',
field: currentField,
reason: 'phone_not_verified',
);
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
content: Text(tr('msg.userfront.profile.phone_verify_required')),
@@ -446,7 +507,13 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
}
}
if (!_hasFieldChanged(profile, _editingField!)) {
if (!_hasFieldChanged(profile, currentField)) {
_debugLog(
'save_skip',
field: currentField,
reason: 'unchanged',
changed: false,
);
setState(() {
if (_editingField == 'phone') {
_resetPhoneState();
@@ -459,6 +526,7 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
}
_isSavingField = true;
_debugLog('save_dispatch', field: currentField, changed: true);
try {
await ref
@@ -470,7 +538,7 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
);
if (mounted) {
setState(() {
if (_editingField == 'phone') {
if (currentField == 'phone') {
_initialPhone = nextPhone;
_resetPhoneState();
}
@@ -478,11 +546,13 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
_nameTouched = false;
_departmentTouched = false;
});
_debugLog('save_success', field: currentField);
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(content: Text(tr('msg.userfront.profile.update_success'))),
);
}
} catch (e) {
_debugLog('save_failed', field: currentField, reason: e.toString());
if (mounted) {
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
@@ -704,6 +774,7 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
title: Text(label),
subtitle: Text(displayValue),
trailing: TextButton(
key: Key('profile-$field-edit-button'),
onPressed: isUpdating ? null : () => _startEditing(field, profile),
child: Text(tr('ui.common.edit')),
),
@@ -720,6 +791,7 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
children: [
Expanded(
child: TextField(
key: Key('profile-$field-input'),
controller: controller,
focusNode: field == 'name' ? _nameFocus : _departmentFocus,
textInputAction: TextInputAction.done,
@@ -731,9 +803,15 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
),
),
const SizedBox(width: 12),
OutlinedButton(
onPressed: isUpdating ? null : () => _cancelEditing(profile),
child: Text(tr('ui.common.cancel')),
Listener(
onPointerDown: (_) {
_skipAutoSaveField = field;
},
child: OutlinedButton(
key: Key('profile-$field-cancel-button'),
onPressed: isUpdating ? null : () => _cancelEditing(profile),
child: Text(tr('ui.common.cancel')),
),
),
],
),
@@ -796,9 +874,14 @@ class _ProfilePageState extends ConsumerState<ProfilePage> {
),
),
const SizedBox(width: 8),
OutlinedButton(
onPressed: isUpdating ? null : () => _cancelEditing(profile),
child: Text(tr('ui.common.cancel')),
Listener(
onPointerDown: (_) {
_skipAutoSaveField = 'phone';
},
child: OutlinedButton(
onPressed: isUpdating ? null : () => _cancelEditing(profile),
child: Text(tr('ui.common.cancel')),
),
),
],
),

114
userfront/test/log_policy_test.dart Normal file
View File

@@ -0,0 +1,114 @@
import 'package:flutter_test/flutter_test.dart';
import 'package:userfront/core/services/log_policy.dart';
void main() {
group('LogPolicy.debugEnabled', () {
test('non production enables debug by default', () {
expect(
LogPolicy.debugEnabled(appEnv: 'dev', productionDebugFlag: null),
isTrue,
);
expect(
LogPolicy.debugEnabled(appEnv: 'staging', productionDebugFlag: 'false'),
isTrue,
);
});
test('production disables debug unless explicitly enabled', () {
expect(
LogPolicy.debugEnabled(appEnv: 'production', productionDebugFlag: ''),
isFalse,
);
expect(
LogPolicy.debugEnabled(
appEnv: 'production',
productionDebugFlag: 'true',
),
isTrue,
);
expect(
LogPolicy.debugEnabled(appEnv: 'prod', productionDebugFlag: '1'),
isTrue,
);
});
});
group('LogPolicy.shouldRelayClientLog', () {
test('production default forwards only warning or higher', () {
expect(
LogPolicy.shouldRelayClientLog(
level: 'INFO',
appEnv: 'production',
productionDebugFlag: '',
),
isFalse,
);
expect(
LogPolicy.shouldRelayClientLog(
level: 'WARNING',
appEnv: 'production',
productionDebugFlag: '',
),
isTrue,
);
expect(
LogPolicy.shouldRelayClientLog(
level: 'ERROR',
appEnv: 'production',
productionDebugFlag: '',
),
isTrue,
);
});
test('production debug option forwards info logs', () {
expect(
LogPolicy.shouldRelayClientLog(
level: 'INFO',
appEnv: 'production',
productionDebugFlag: 'true',
),
isTrue,
);
});
});
group('LogPolicy.sanitize', () {
test('sanitizes sensitive message patterns', () {
const message =
'token=abc123 payload={"password":"hello","safe":"ok"} authorization:BearerXYZ';
final sanitized = LogPolicy.sanitizeMessage(message);
expect(sanitized, isNot(contains('abc123')));
expect(sanitized, contains('token=*****'));
expect(sanitized, contains('"password":"*****"'));
expect(sanitized, contains('authorization=*****'));
});
test('sanitizes nested sensitive keys', () {
final data = <String, dynamic>{
'token': 'tok',
'ok': 'value',
'nested': {'new_password': 'pw', 'safe': 'x'},
'arr': [
{'authorization': 'Bearer secret'},
'cookie=session=raw',
],
};
final sanitized = LogPolicy.sanitizeData(data);
expect(sanitized['token'], '*****');
expect(sanitized['ok'], 'value');
expect(
(sanitized['nested'] as Map<String, dynamic>)['new_password'],
'*****',
);
expect((sanitized['nested'] as Map<String, dynamic>)['safe'], 'x');
expect(
((sanitized['arr'] as List).first
as Map<String, dynamic>)['authorization'],
'*****',
);
expect((sanitized['arr'] as List)[1], 'cookie=*****');
});
});
}

112
userfront/test/profile_notifier_persistence_test.dart Normal file
View File

@@ -0,0 +1,112 @@
import 'package:flutter_test/flutter_test.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import 'package:userfront/features/profile/data/models/user_profile_model.dart';
import 'package:userfront/features/profile/data/repositories/profile_repository.dart';
import 'package:userfront/features/profile/domain/notifiers/profile_notifier.dart';
class _FakeProfileRepository extends ProfileRepository {
_FakeProfileRepository({
required this.initialProfile,
required this.persistUpdate,
}) : _profile = initialProfile;
final UserProfile initialProfile;
final bool persistUpdate;
UserProfile _profile;
int updateCount = 0;
String? lastRequestedDepartment;
@override
Future<UserProfile> getMyProfile() async {
return _profile;
}
@override
Future<void> updateMyProfile({
required String name,
required String phone,
required String department,
}) async {
updateCount += 1;
lastRequestedDepartment = department;
if (!persistUpdate) {
return;
}
_profile = _profile.copyWith(
name: name,
phone: phone,
department: department,
);
}
}
UserProfile _seedProfile({required String department}) {
return UserProfile(
id: 'user-1',
email: 'qa@example.com',
name: 'QA User',
phone: '01012345678',
department: department,
affiliationType: 'employee',
companyCode: 'BARON',
);
}
void main() {
test('재현: 저장소가 소속 변경을 반영하지 않으면 loadProfile 이후 이전 값으로 보인다', () async {
final repository = _FakeProfileRepository(
initialProfile: _seedProfile(department: 'Old Dept'),
persistUpdate: false,
);
final container = ProviderContainer(
overrides: [profileRepositoryProvider.overrideWithValue(repository)],
);
addTearDown(container.dispose);
final initial = await container.read(profileProvider.future);
expect(initial?.department, 'Old Dept');
await container
.read(profileProvider.notifier)
.updateProfile(
name: 'QA User',
phone: '01012345678',
department: 'New Dept',
);
expect(repository.updateCount, 1);
expect(repository.lastRequestedDepartment, 'New Dept');
await container.read(profileProvider.notifier).loadProfile();
expect(container.read(profileProvider).value?.department, 'Old Dept');
});
test('소속 변경이 저장소에 반영되면 loadProfile 이후에도 변경값이 유지된다', () async {
final repository = _FakeProfileRepository(
initialProfile: _seedProfile(department: 'Old Dept'),
persistUpdate: true,
);
final container = ProviderContainer(
overrides: [profileRepositoryProvider.overrideWithValue(repository)],
);
addTearDown(container.dispose);
final initial = await container.read(profileProvider.future);
expect(initial?.department, 'Old Dept');
await container
.read(profileProvider.notifier)
.updateProfile(
name: 'QA User',
phone: '01012345678',
department: 'New Dept',
);
expect(repository.updateCount, 1);
expect(repository.lastRequestedDepartment, 'New Dept');
await container.read(profileProvider.notifier).loadProfile();
expect(container.read(profileProvider).value?.department, 'New Dept');
});
}