HaniBlindBox/server/HoneyBox/src/HoneyBox.Api/auth.http

# HoneyBox API 认证接口测试文件
# 用于验证所有认证相关的控制器接口

@baseUrl = http://localhost:5238/api
@contentType = application/json

# 测试用Token（需要通过登录接口获取真实Token后替换）
# 下面是一个有效的测试Token（用户ID: 21583），有效期至2026年
# 如需测试其他用户，请通过登录接口获取新Token
@authToken = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoi5b6u5L-h55So5oi3MTMxMCIsImV4cCI6MTc2NzQzMTM1OCwidWlkIjoiMzMyMjY2IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZWlkZW50aWZpZXIiOiIyMTU4MyIsImF1ZCI6IkhvbmV5Qm94VXNlcnMiLCJpc3MiOiJIb25leUJveCJ9.700XWIUmzEumNk5tNYRshh7M42A8MG1X4yTHuz9PZbc

### ============================================
### 1. 健康检查接口
### ============================================

### 1.1 健康检查 - 验证服务是否正常运行
# GET /api/health
GET {{baseUrl}}/health
Accept: {{contentType}}

### ============================================
### 2. 认证接口 (AuthController)
### ============================================

### 2.1 微信小程序登录
# POST /api/login
# Requirements: 1.1-1.8
# 注意：需要有效的微信授权code才能成功
POST {{baseUrl}}/login
Content-Type: {{contentType}}

{
    "code": "test_wechat_code",
    "pid": null,
    "clickId": null
}

### 2.2 手机号验证码登录
# POST /api/mobileLogin
# Requirements: 2.1-2.7
# 注意：需要先通过PHP接口发送验证码，验证码存储在Redis中
POST {{baseUrl}}/mobileLogin
Content-Type: {{contentType}}

{
    "mobile": "13800138000",
    "code": "123456",
    "pid": null,
    "clickId": null
}

### 2.3 微信授权绑定手机号 (需要认证)
# POST /api/login_bind_mobile
# Requirements: 5.1-5.5
POST {{baseUrl}}/login_bind_mobile
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "code": "wechat_phone_auth_code"
}

### 2.4 验证码绑定手机号 (需要认证)
# POST /api/bindMobile
# Requirements: 5.1-5.5
POST {{baseUrl}}/bindMobile
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "mobile": "13800138000",
    "code": "123456"
}

### 2.5 记录用户登录 - POST方式 (需要认证)
# POST /api/login_record
# Requirements: 6.1-6.4
POST {{baseUrl}}/login_record
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "device": "android",
    "deviceInfo": "Xiaomi Mi 10"
}

### 2.6 记录用户登录 - GET方式 (需要认证)
# GET /api/login_record
# Requirements: 6.1-6.4
GET {{baseUrl}}/login_record
Authorization: Bearer {{authToken}}

### ============================================
### 3. 用户接口 (UserController)
### ============================================

### 3.1 获取用户信息 (需要认证)
# POST /api/user
# Requirements: 4.1-4.5
POST {{baseUrl}}/user
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

### 3.2 更新用户信息 - 更新昵称 (需要认证)
# POST /api/update_userinfo
# Requirements: 4.2, 4.3
POST {{baseUrl}}/update_userinfo
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "nickname": "测试用户昵称"
}

### 3.3 更新用户信息 - 更新头像URL (需要认证)
# POST /api/update_userinfo
# Requirements: 4.2, 4.3
POST {{baseUrl}}/update_userinfo
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "headimg": "https://example.com/avatar.png"
}

### 3.4 更新用户信息 - Base64头像上传 (需要认证)
# POST /api/update_userinfo
# Requirements: 4.2, 4.3
# 注意：imagebase应为有效的Base64编码图片
POST {{baseUrl}}/update_userinfo
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "imagebase": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="
}

### 3.5 账号注销 - 注销账号 (需要认证)
# POST /api/user_log_off
# Requirements: 7.1-7.3
# type=0 表示注销账号
POST {{baseUrl}}/user_log_off
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "type": 0
}

### 3.6 账号注销 - 取消注销 (需要认证)
# POST /api/user_log_off
# Requirements: 7.1-7.3
# type=1 表示取消注销
POST {{baseUrl}}/user_log_off
Content-Type: {{contentType}}
Authorization: Bearer {{authToken}}

{
    "type": 1
}

### ============================================
### 4. 错误场景测试
### ============================================

### 4.1 微信登录 - 空code
POST {{baseUrl}}/login
Content-Type: {{contentType}}

{
    "code": ""
}

### 4.2 手机号登录 - 空手机号
POST {{baseUrl}}/mobileLogin
Content-Type: {{contentType}}

{
    "mobile": "",
    "code": "123456"
}

### 4.3 手机号登录 - 空验证码
POST {{baseUrl}}/mobileLogin
Content-Type: {{contentType}}

{
    "mobile": "13800138000",
    "code": ""
}

### 4.4 未授权访问 - 获取用户信息（无Token）
POST {{baseUrl}}/user
Content-Type: {{contentType}}

### 4.5 未授权访问 - 更新用户信息（无Token）
POST {{baseUrl}}/update_userinfo
Content-Type: {{contentType}}

{
    "nickname": "测试"
}

### 4.6 未授权访问 - 绑定手机号（无Token）
POST {{baseUrl}}/bindMobile
Content-Type: {{contentType}}

{
    "mobile": "13800138000",
    "code": "123456"
}