# HoneyBox API 认证接口测试文件 # 用于验证所有认证相关的控制器接口 @baseUrl = http://localhost:5238/api @contentType = application/json # 测试用Token(需要通过登录接口获取真实Token后替换) # 下面是一个有效的测试Token(用户ID: 21583),有效期至2026年 # 如需测试其他用户,请通过登录接口获取新Token @authToken = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoi5b6u5L-h55So5oi3MTMxMCIsImV4cCI6MTc2NzQzMTM1OCwidWlkIjoiMzMyMjY2IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZWlkZW50aWZpZXIiOiIyMTU4MyIsImF1ZCI6IkhvbmV5Qm94VXNlcnMiLCJpc3MiOiJIb25leUJveCJ9.700XWIUmzEumNk5tNYRshh7M42A8MG1X4yTHuz9PZbc ### ============================================ ### 1. 健康检查接口 ### ============================================ ### 1.1 健康检查 - 验证服务是否正常运行 # GET /api/health GET {{baseUrl}}/health Accept: {{contentType}} ### ============================================ ### 2. 认证接口 (AuthController) ### ============================================ ### 2.1 微信小程序登录 # POST /api/login # Requirements: 1.1-1.8 # 注意:需要有效的微信授权code才能成功 POST {{baseUrl}}/login Content-Type: {{contentType}} { "code": "test_wechat_code", "pid": null, "clickId": null } ### 2.2 手机号验证码登录 # POST /api/mobileLogin # Requirements: 2.1-2.7 # 注意:需要先通过PHP接口发送验证码,验证码存储在Redis中 POST {{baseUrl}}/mobileLogin Content-Type: {{contentType}} { "mobile": "13800138000", "code": "123456", "pid": null, "clickId": null } ### 2.3 微信授权绑定手机号 (需要认证) # POST /api/login_bind_mobile # Requirements: 5.1-5.5 POST {{baseUrl}}/login_bind_mobile Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "code": "wechat_phone_auth_code" } ### 2.4 验证码绑定手机号 (需要认证) # POST /api/bindMobile # Requirements: 5.1-5.5 POST {{baseUrl}}/bindMobile Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "mobile": "13800138000", "code": "123456" } ### 2.5 记录用户登录 - POST方式 (需要认证) # POST /api/login_record # Requirements: 6.1-6.4 POST {{baseUrl}}/login_record Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "device": "android", "deviceInfo": "Xiaomi Mi 10" } ### 2.6 记录用户登录 - GET方式 (需要认证) # GET /api/login_record # Requirements: 6.1-6.4 GET {{baseUrl}}/login_record Authorization: Bearer {{authToken}} ### ============================================ ### 3. 用户接口 (UserController) ### ============================================ ### 3.1 获取用户信息 (需要认证) # POST /api/user # Requirements: 4.1-4.5 POST {{baseUrl}}/user Content-Type: {{contentType}} Authorization: Bearer {{authToken}} ### 3.2 更新用户信息 - 更新昵称 (需要认证) # POST /api/update_userinfo # Requirements: 4.2, 4.3 POST {{baseUrl}}/update_userinfo Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "nickname": "测试用户昵称" } ### 3.3 更新用户信息 - 更新头像URL (需要认证) # POST /api/update_userinfo # Requirements: 4.2, 4.3 POST {{baseUrl}}/update_userinfo Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "headimg": "https://example.com/avatar.png" } ### 3.4 更新用户信息 - Base64头像上传 (需要认证) # POST /api/update_userinfo # Requirements: 4.2, 4.3 # 注意:imagebase应为有效的Base64编码图片 POST {{baseUrl}}/update_userinfo Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "imagebase": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg==" } ### 3.5 账号注销 - 注销账号 (需要认证) # POST /api/user_log_off # Requirements: 7.1-7.3 # type=0 表示注销账号 POST {{baseUrl}}/user_log_off Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "type": 0 } ### 3.6 账号注销 - 取消注销 (需要认证) # POST /api/user_log_off # Requirements: 7.1-7.3 # type=1 表示取消注销 POST {{baseUrl}}/user_log_off Content-Type: {{contentType}} Authorization: Bearer {{authToken}} { "type": 1 } ### ============================================ ### 4. 错误场景测试 ### ============================================ ### 4.1 微信登录 - 空code POST {{baseUrl}}/login Content-Type: {{contentType}} { "code": "" } ### 4.2 手机号登录 - 空手机号 POST {{baseUrl}}/mobileLogin Content-Type: {{contentType}} { "mobile": "", "code": "123456" } ### 4.3 手机号登录 - 空验证码 POST {{baseUrl}}/mobileLogin Content-Type: {{contentType}} { "mobile": "13800138000", "code": "" } ### 4.4 未授权访问 - 获取用户信息(无Token) POST {{baseUrl}}/user Content-Type: {{contentType}} ### 4.5 未授权访问 - 更新用户信息(无Token) POST {{baseUrl}}/update_userinfo Content-Type: {{contentType}} { "nickname": "测试" } ### 4.6 未授权访问 - 绑定手机号(无Token) POST {{baseUrl}}/bindMobile Content-Type: {{contentType}} { "mobile": "13800138000", "code": "123456" }