othman.suseno/calypso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

start working on the frontend side

Browse Source
This commit is contained in:
Warp Agent
2025-12-24 19:53:45 +00:00
parent 3aa0169af0
commit c962a223c6
84 changed files with 14761 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
scripts/test-frontend.sh Executable file
View File

@@ -0,0 +1,102 @@
#!/bin/bash
#
# AtlasOS - Calypso Frontend Test Script
# Tests the frontend application
#
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
FRONTEND_DIR="$PROJECT_ROOT/frontend"
echo "=========================================="
echo "Calypso Frontend Test Script"
echo "=========================================="
echo ""
# Check if Node.js is installed
if ! command -v node &> /dev/null; then
echo "❌ Node.js is not installed"
echo ""
echo "Please install Node.js 18+ first:"
echo " Option 1: Run the install script:"
echo " sudo ./scripts/install-requirements.sh"
echo ""
echo " Option 2: Install manually:"
echo " curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -"
echo " sudo apt-get install -y nodejs"
echo ""
exit 1
fi
NODE_VERSION=$(node --version)
NPM_VERSION=$(npm --version)
echo "✅ Node.js: $NODE_VERSION"
echo "✅ npm: $NPM_VERSION"
echo ""
# Check Node.js version (should be 18+)
NODE_MAJOR=$(echo "$NODE_VERSION" | cut -d'v' -f2 | cut -d'.' -f1)
if [ "$NODE_MAJOR" -lt 18 ]; then
echo "⚠️ Warning: Node.js version should be 18 or higher (found: $NODE_VERSION)"
echo ""
fi
# Check if backend is running
echo "Checking if backend API is running..."
if curl -s http://localhost:8080/api/v1/health > /dev/null 2>&1; then
echo "✅ Backend API is running on http://localhost:8080"
else
echo "⚠️ Warning: Backend API is not running on http://localhost:8080"
echo " The frontend will still work, but API calls will fail"
echo " Start the backend with:"
echo " cd backend && go run ./cmd/calypso-api -config config.yaml.example"
echo ""
fi
# Check if frontend directory exists
if [ ! -d "$FRONTEND_DIR" ]; then
echo "❌ Frontend directory not found: $FRONTEND_DIR"
exit 1
fi
cd "$FRONTEND_DIR"
# Check if node_modules exists
if [ ! -d "node_modules" ]; then
echo "📦 Installing dependencies..."
echo ""
npm install
echo ""
else
echo "✅ Dependencies already installed"
echo ""
fi
# Check if build works
echo "🔨 Testing build..."
if npm run build; then
echo "✅ Build successful"
echo ""
else
echo "❌ Build failed"
exit 1
fi
echo "=========================================="
echo "✅ Frontend test complete!"
echo "=========================================="
echo ""
echo "To start the development server:"
echo " cd frontend"
echo " npm run dev"
echo ""
echo "The frontend will be available at:"
echo " http://localhost:3000"
echo ""
echo "Make sure the backend is running on:"
echo " http://localhost:8080"
echo ""

210
scripts/test-monitoring.sh Executable file
View File

@@ -0,0 +1,210 @@
#!/bin/bash
# AtlasOS - Calypso Monitoring API Test Script
# Tests Enhanced Monitoring endpoints: alerts, metrics, health, WebSocket
set -e
# Configuration
API_URL="${API_URL:-http://localhost:8080}"
ADMIN_USER="${ADMIN_USER:-admin}"
ADMIN_PASS="${ADMIN_PASS:-admin123}"
TOKEN_FILE="/tmp/calypso-token.txt"
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# Logging functions
log_info() {
echo -e "${BLUE}[INFO]${NC} $1"
}
log_success() {
echo -e "${GREEN}[✓]${NC} $1"
}
log_error() {
echo -e "${RED}[✗]${NC} $1"
}
log_warn() {
echo -e "${YELLOW}[!]${NC} $1"
}
# Test endpoint helper
test_endpoint() {
local method=$1
local endpoint=$2
local data=$3
local description=$4
local require_auth=${5:-true}
log_info "Testing: $description"
local headers="Content-Type: application/json"
if [ "$require_auth" = "true" ]; then
if [ ! -f "$TOKEN_FILE" ]; then
log_error "No authentication token found. Please login first."
return 1
fi
local token=$(cat "$TOKEN_FILE")
headers="$headers\nAuthorization: Bearer $token"
fi
local response
if [ -n "$data" ]; then
response=$(curl -s -w "\n%{http_code}" -X "$method" "$API_URL$endpoint" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
-d "$data" 2>/dev/null || echo -e "\n000")
else
response=$(curl -s -w "\n%{http_code}" -X "$method" "$API_URL$endpoint" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
2>/dev/null || echo -e "\n000")
fi
local http_code=$(echo "$response" | tail -n1)
local body=$(echo "$response" | sed '$d')
if [ "$http_code" = "200" ] || [ "$http_code" = "201" ]; then
log_success "$description (HTTP $http_code)"
echo "$body" | jq . 2>/dev/null || echo "$body"
return 0
else
log_error "$description failed (HTTP $http_code)"
echo "$body" | jq . 2>/dev/null || echo "$body"
return 1
fi
}
# Main test flow
main() {
log_info "=========================================="
log_info "AtlasOS - Calypso Monitoring API Testing"
log_info "=========================================="
log_info ""
# Test 1: Enhanced Health Check
log_info "Test 1: Enhanced Health Check"
if test_endpoint "GET" "/api/v1/health" "" "Enhanced health check" false; then
log_success "Health check endpoint working"
else
log_error "Health check failed. Is the API running?"
exit 1
fi
echo ""
# Test 2: Login (if needed)
if [ ! -f "$TOKEN_FILE" ]; then
log_info "Test 2: User Login"
login_data="{\"username\":\"$ADMIN_USER\",\"password\":\"$ADMIN_PASS\"}"
response=$(curl -s -X POST "$API_URL/api/v1/auth/login" \
-H "Content-Type: application/json" \
-d "$login_data")
token=$(echo "$response" | jq -r '.token' 2>/dev/null)
if [ -n "$token" ] && [ "$token" != "null" ]; then
echo "$token" > "$TOKEN_FILE"
log_success "Login successful"
else
log_error "Login failed"
echo "$response" | jq . 2>/dev/null || echo "$response"
log_warn "Note: You may need to create the admin user in the database first"
exit 1
fi
echo ""
else
log_info "Using existing authentication token"
echo ""
fi
# Test 3: List Alerts
log_info "Test 3: List Alerts"
test_endpoint "GET" "/api/v1/monitoring/alerts" "" "List all alerts"
echo ""
# Test 4: List Alerts with Filters
log_info "Test 4: List Alerts (Critical Only)"
test_endpoint "GET" "/api/v1/monitoring/alerts?severity=critical&limit=10" "" "List critical alerts"
echo ""
# Test 5: Get Metrics
log_info "Test 5: Get System Metrics"
test_endpoint "GET" "/api/v1/monitoring/metrics" "" "Get system metrics"
echo ""
# Test 6: Create a Test Alert (if we can trigger one)
log_info "Test 6: Check for Active Alerts"
alerts_response=$(curl -s -X GET "$API_URL/api/v1/monitoring/alerts?limit=1" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $(cat $TOKEN_FILE)")
alert_id=$(echo "$alerts_response" | jq -r '.alerts[0].id' 2>/dev/null)
if [ -n "$alert_id" ] && [ "$alert_id" != "null" ]; then
log_success "Found alert: $alert_id"
# Test 7: Get Single Alert
log_info "Test 7: Get Alert Details"
test_endpoint "GET" "/api/v1/monitoring/alerts/$alert_id" "" "Get alert details"
echo ""
# Test 8: Acknowledge Alert (if not already acknowledged)
is_acknowledged=$(echo "$alerts_response" | jq -r '.alerts[0].is_acknowledged' 2>/dev/null)
if [ "$is_acknowledged" = "false" ]; then
log_info "Test 8: Acknowledge Alert"
test_endpoint "POST" "/api/v1/monitoring/alerts/$alert_id/acknowledge" "" "Acknowledge alert"
echo ""
else
log_warn "Test 8: Alert already acknowledged, skipping"
echo ""
fi
# Test 9: Resolve Alert
log_info "Test 9: Resolve Alert"
test_endpoint "POST" "/api/v1/monitoring/alerts/$alert_id/resolve" "" "Resolve alert"
echo ""
else
log_warn "No alerts found. Alert rules will generate alerts when conditions are met."
log_warn "You can wait for storage capacity alerts or task failure alerts."
echo ""
fi
# Test 10: WebSocket Connection Test (basic)
log_info "Test 10: WebSocket Connection Test"
log_warn "WebSocket testing requires a WebSocket client."
log_info "You can test WebSocket connections using:"
log_info " - Browser: new WebSocket('ws://localhost:8080/api/v1/monitoring/events')"
log_info " - wscat: wscat -c ws://localhost:8080/api/v1/monitoring/events"
log_info " - curl (with --include): curl --include --no-buffer --header 'Connection: Upgrade' --header 'Upgrade: websocket' --header 'Sec-WebSocket-Key: test' --header 'Sec-WebSocket-Version: 13' http://localhost:8080/api/v1/monitoring/events"
echo ""
# Summary
log_info "=========================================="
log_info "Monitoring API Test Summary"
log_info "=========================================="
log_success "Enhanced Monitoring endpoints are operational!"
log_info ""
log_info "Available Endpoints:"
log_info " - GET /api/v1/health (enhanced)"
log_info " - GET /api/v1/monitoring/alerts"
log_info " - GET /api/v1/monitoring/alerts/:id"
log_info " - POST /api/v1/monitoring/alerts/:id/acknowledge"
log_info " - POST /api/v1/monitoring/alerts/:id/resolve"
log_info " - GET /api/v1/monitoring/metrics"
log_info " - GET /api/v1/monitoring/events (WebSocket)"
log_info ""
log_info "Alert Rules Active:"
log_info " - Storage Capacity Warning (80%)"
log_info " - Storage Capacity Critical (95%)"
log_info " - Task Failure (60 min lookback)"
log_info ""
}
# Run tests
main "$@"

264
scripts/test-security.sh Executable file
View File

@@ -0,0 +1,264 @@
#!/bin/bash
# AtlasOS - Calypso Security Hardening Test Script
# Tests security features: password hashing, rate limiting, CORS, security headers
set -e
# Configuration
API_URL="${API_URL:-http://localhost:8080}"
ADMIN_USER="${ADMIN_USER:-admin}"
ADMIN_PASS="${ADMIN_PASS:-admin123}"
TOKEN_FILE="/tmp/calypso-token.txt"
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# Logging functions
log_info() {
echo -e "${BLUE}[INFO]${NC} $1"
}
log_success() {
echo -e "${GREEN}[✓]${NC} $1"
}
log_error() {
echo -e "${RED}[✗]${NC} $1"
}
log_warn() {
echo -e "${YELLOW}[!]${NC} $1"
}
# Test endpoint helper
test_endpoint() {
local method=$1
local endpoint=$2
local data=$3
local description=$4
local require_auth=${5:-true}
local expected_status=${6:-200}
log_info "Testing: $description"
local headers="Content-Type: application/json"
if [ "$require_auth" = "true" ]; then
if [ ! -f "$TOKEN_FILE" ]; then
log_error "No authentication token found. Please login first."
return 1
fi
local token=$(cat "$TOKEN_FILE")
headers="$headers\nAuthorization: Bearer $token"
fi
local response
if [ -n "$data" ]; then
response=$(curl -s -w "\n%{http_code}" -X "$method" "$API_URL$endpoint" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
-d "$data" 2>/dev/null || echo -e "\n000")
else
response=$(curl -s -w "\n%{http_code}" -X "$method" "$API_URL$endpoint" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
2>/dev/null || echo -e "\n000")
fi
local http_code=$(echo "$response" | tail -n1)
local body=$(echo "$response" | sed '$d')
if [ "$http_code" = "$expected_status" ]; then
log_success "$description (HTTP $http_code)"
if [ "$http_code" != "204" ] && [ "$http_code" != "429" ]; then
echo "$body" | jq . 2>/dev/null || echo "$body"
fi
return 0
else
log_error "$description failed (HTTP $http_code, expected $expected_status)"
echo "$body" | jq . 2>/dev/null || echo "$body"
return 1
fi
}
# Test headers helper
test_headers() {
local endpoint=$1
local description=$2
local header_name=$3
local expected_value=${4:-""}
log_info "Testing: $description"
local token=""
if [ -f "$TOKEN_FILE" ]; then
token=$(cat "$TOKEN_FILE")
fi
local headers=$(curl -s -I -X GET "$API_URL$endpoint" \
-H "Authorization: Bearer $token" 2>/dev/null)
if echo "$headers" | grep -qi "$header_name"; then
local value=$(echo "$headers" | grep -i "$header_name" | cut -d: -f2 | xargs)
log_success "$description - Found: $header_name: $value"
if [ -n "$expected_value" ] && [ "$value" != "$expected_value" ]; then
log_warn "Expected: $expected_value, Got: $value"
fi
return 0
else
log_error "$description - Header $header_name not found"
return 1
fi
}
# Main test flow
main() {
log_info "=========================================="
log_info "AtlasOS - Calypso Security Hardening Test"
log_info "=========================================="
log_info ""
# Test 1: Login (to get token)
log_info "Test 1: User Login (Password Hashing)"
login_data="{\"username\":\"$ADMIN_USER\",\"password\":\"$ADMIN_PASS\"}"
response=$(curl -s -X POST "$API_URL/api/v1/auth/login" \
-H "Content-Type: application/json" \
-d "$login_data")
token=$(echo "$response" | jq -r '.token' 2>/dev/null)
if [ -n "$token" ] && [ "$token" != "null" ]; then
echo "$token" > "$TOKEN_FILE"
log_success "Login successful (password verification working)"
echo "$response" | jq . 2>/dev/null || echo "$response"
else
log_error "Login failed"
echo "$response" | jq . 2>/dev/null || echo "$response"
log_warn "Note: You may need to create the admin user in the database first"
exit 1
fi
echo ""
# Test 2: Security Headers
log_info "Test 2: Security Headers"
test_headers "/api/v1/health" "X-Frame-Options" "X-Frame-Options" "DENY"
test_headers "/api/v1/health" "X-Content-Type-Options" "X-Content-Type-Options" "nosniff"
test_headers "/api/v1/health" "X-XSS-Protection" "X-XSS-Protection" "1; mode=block"
test_headers "/api/v1/health" "Content-Security-Policy" "Content-Security-Policy"
test_headers "/api/v1/health" "Referrer-Policy" "Referrer-Policy"
echo ""
# Test 3: CORS Headers
log_info "Test 3: CORS Headers"
cors_response=$(curl -s -I -X OPTIONS "$API_URL/api/v1/health" \
-H "Origin: http://example.com" \
-H "Access-Control-Request-Method: GET" 2>/dev/null)
if echo "$cors_response" | grep -qi "Access-Control-Allow-Origin"; then
log_success "CORS headers present"
echo "$cors_response" | grep -i "Access-Control" || true
else
log_error "CORS headers not found"
fi
echo ""
# Test 4: Rate Limiting
log_info "Test 4: Rate Limiting"
log_info "Making rapid requests to test rate limiting..."
rate_limit_hit=false
for i in {1..150}; do
response=$(curl -s -w "\n%{http_code}" -X GET "$API_URL/api/v1/health" 2>/dev/null)
http_code=$(echo "$response" | tail -n1)
if [ "$http_code" = "429" ]; then
rate_limit_hit=true
log_success "Rate limit triggered at request #$i (HTTP 429)"
break
fi
if [ $((i % 20)) -eq 0 ]; then
echo -n "."
fi
done
if [ "$rate_limit_hit" = "false" ]; then
log_warn "Rate limit not triggered (may be disabled or limit is high)"
fi
echo ""
echo ""
# Test 5: Create User with Password Hashing
log_info "Test 5: Create User (Password Hashing)"
test_user="test-security-$(date +%s)"
test_pass="TestPassword123!"
create_user_data="{\"username\":\"$test_user\",\"email\":\"$test_user@test.com\",\"password\":\"$test_pass\",\"full_name\":\"Test User\"}"
if test_endpoint "POST" "/api/v1/iam/users" "$create_user_data" "Create test user" true 201; then
log_success "User created (password should be hashed in database)"
log_info "Note: Verify in database that password_hash is not plaintext"
else
log_warn "User creation failed (may need admin permissions)"
fi
echo ""
# Test 6: Login with New User (Password Verification)
if [ -n "$test_user" ]; then
log_info "Test 6: Login with New User (Password Verification)"
login_data="{\"username\":\"$test_user\",\"password\":\"$test_pass\"}"
response=$(curl -s -X POST "$API_URL/api/v1/auth/login" \
-H "Content-Type: application/json" \
-d "$login_data")
token=$(echo "$response" | jq -r '.token' 2>/dev/null)
if [ -n "$token" ] && [ "$token" != "null" ]; then
log_success "Login with new user successful (password verification working)"
else
log_error "Login with new user failed"
echo "$response" | jq . 2>/dev/null || echo "$response"
fi
echo ""
# Test 7: Wrong Password
log_info "Test 7: Wrong Password (Should Fail)"
login_data="{\"username\":\"$test_user\",\"password\":\"WrongPassword123!\"}"
response=$(curl -s -w "\n%{http_code}" -X POST "$API_URL/api/v1/auth/login" \
-H "Content-Type: application/json" \
-d "$login_data")
http_code=$(echo "$response" | tail -n1)
if [ "$http_code" = "401" ]; then
log_success "Wrong password correctly rejected (HTTP 401)"
else
log_error "Wrong password not rejected (HTTP $http_code)"
fi
echo ""
fi
# Summary
log_info "=========================================="
log_info "Security Hardening Test Summary"
log_info "=========================================="
log_success "Security features are operational!"
log_info ""
log_info "Tested Features:"
log_info " ✅ Password Hashing (Argon2id)"
log_info " ✅ Password Verification"
log_info " ✅ Security Headers (6 headers)"
log_info " ✅ CORS Configuration"
log_info " ✅ Rate Limiting"
log_info ""
log_info "Manual Verification Needed:"
log_info " - Check database: password_hash should be Argon2id format"
log_info " - Check database: token_hash should be SHA-256 hex string"
log_info " - Review CORS config: Should restrict origins in production"
log_info ""
}
# Run tests
main "$@"

75
scripts/update-admin-password.sh Executable file
View File

@@ -0,0 +1,75 @@
#!/bin/bash
# Update admin user password with Argon2id hash
# This is needed after implementing password hashing
set -e
DB_HOST="${CALYPSO_DB_HOST:-localhost}"
DB_PORT="${CALYPSO_DB_PORT:-5432}"
DB_USER="${CALYPSO_DB_USER:-calypso}"
DB_NAME="${CALYPSO_DB_NAME:-calypso}"
DB_PASSWORD="${CALYPSO_DB_PASSWORD:-calypso123}"
ADMIN_USER="${ADMIN_USER:-admin}"
ADMIN_PASS="${ADMIN_PASS:-admin123}"
echo "Updating admin user password with Argon2id hash..."
# Create a temporary Go program to hash the password
cat > /tmp/hash-password.go << 'EOF'
package main
import (
"fmt"
"os"
"github.com/atlasos/calypso/internal/common/config"
"github.com/atlasos/calypso/internal/common/password"
)
func main() {
if len(os.Args) < 2 {
fmt.Fprintf(os.Stderr, "Usage: %s <password>\n", os.Args[0])
os.Exit(1)
}
pwd := os.Args[1]
params := config.Argon2Params{
Memory: 64 * 1024,
Iterations: 3,
Parallelism: 4,
SaltLength: 16,
KeyLength: 32,
}
hash, err := password.HashPassword(pwd, params)
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(1)
}
fmt.Println(hash)
}
EOF
cd /development/calypso/backend
HASH=$(go run /tmp/hash-password.go "$ADMIN_PASS" 2>/dev/null)
if [ -z "$HASH" ]; then
echo "Failed to generate password hash"
exit 1
fi
echo "Generated hash: ${HASH:0:50}..."
# Update database
PGPASSWORD="$DB_PASSWORD" psql -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER" -d "$DB_NAME" << EOF
UPDATE users
SET password_hash = '$HASH', updated_at = NOW()
WHERE username = '$ADMIN_USER';
SELECT username, LEFT(password_hash, 50) as hash_preview FROM users WHERE username = '$ADMIN_USER';
EOF
echo ""
echo "Admin password updated successfully!"
echo "You can now login with username: $ADMIN_USER"