southseact-3d/shopify-ai-backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d89250797439986ae6d020f827c553979100613
shopify-ai-backup/chat/TESTING_GUIDE.md

7.8 KiB
Raw Blame History

Testing Guide: Secure Database Implementation

This guide walks you through testing the secure database implementation locally and in a container.

Prerequisites

  • Node.js 20+ installed
  • Docker installed (for container testing)
  • OpenSSL (for generating keys)

Local Testing

1. Install Dependencies

cd chat
npm install

2. Generate Encryption Keys

export DATABASE_ENCRYPTION_KEY=$(openssl rand -hex 32)
export JWT_SECRET=$(openssl rand -hex 32)

echo "Save these keys for future use:"
echo "DATABASE_ENCRYPTION_KEY=$DATABASE_ENCRYPTION_KEY"
echo "JWT_SECRET=$JWT_SECRET"

3. Setup Database

node scripts/setup-database.js

Expected output:

✅ Database connected
✅ Database schema created
✅ Database tables created: users, sessions, refresh_tokens, etc.

4. Test Encryption

cat > test-encryption.js << 'EOF'
const { initEncryption, encrypt, decrypt } = require('./src/utils/encryption');
const crypto = require('crypto');

const key = crypto.randomBytes(32).toString('hex');
initEncryption(key);

const plaintext = 'sensitive@email.com';
const encrypted = encrypt(plaintext);
const decrypted = decrypt(encrypted);

console.log('✅ Encryption test:', plaintext === decrypted ? 'PASSED' : 'FAILED');
EOF

node test-encryption.js
rm test-encryption.js

5. Test Repositories

cat > test-repos.js << 'EOF'
const { initDatabase, closeDatabase } = require('./src/database/connection');
const { initEncryption } = require('./src/utils/encryption');
const userRepo = require('./src/repositories/userRepository');
const crypto = require('crypto');

initEncryption(process.env.DATABASE_ENCRYPTION_KEY);
initDatabase('./.data/shopify_ai.db');

const user = userRepo.createUser({
  id: 'test123',
  email: 'test@example.com',
  passwordHash: '$2b$12$test',
  emailVerified: true
});

console.log('✅ User created:', user.email);

const found = userRepo.getUserById('test123');
console.log('✅ User retrieved:', found.email);

userRepo.deleteUser('test123');
console.log('✅ User deleted');

closeDatabase();
EOF

node test-repos.js
rm test-repos.js

6. Test Migration

Create sample JSON data:

mkdir -p .data
cat > .data/users.json << 'EOF'
[
  {
    "id": "user1",
    "email": "test@example.com",
    "passwordHash": "$2b$12$test",
    "emailVerified": true,
    "plan": "professional"
  }
]
EOF

cat > .data/user-sessions.json << 'EOF'
{
  "token123": {
    "id": "session1",
    "userId": "user1",
    "expiresAt": 9999999999999
  }
}
EOF

Run migration:

# Remove existing database
rm -f .data/shopify_ai.db*

# Setup fresh database
node scripts/setup-database.js

# Run migration
node scripts/migrate-to-database.js

Expected output:

✅ Migration complete!
  Users: ✓ Success: 1
  Sessions: ✓ Success: 1

7. Test JSON Compatibility Mode

# Switch to JSON mode
export USE_JSON_DATABASE=1

# Your app should now use JSON files instead of database
# (Integration with server.js needed)

Container Testing

1. Build Container

cd /home/runner/work/shopify-ai-backup/shopify-ai-backup
docker build -t shopify-ai-builder:test .

2. Run Container with Environment Variables

docker run -d \
  --name shopify-ai-test \
  -p 4500:4500 \
  -e DATABASE_ENCRYPTION_KEY=$(openssl rand -hex 32) \
  -e JWT_SECRET=$(openssl rand -hex 32) \
  -v shopify-data:/home/web/data \
  shopify-ai-builder:test

3. Check Logs

docker logs shopify-ai-test

Expected in logs:

🔍 Checking database status...
🔧 Database not found, setting up new database...
⚠️  Generated new encryption key (save this!)
✅ Database setup complete!

4. Verify Database Created

docker exec shopify-ai-test ls -lh /home/web/data/.data/

Expected output:

shopify_ai.db
shopify_ai.db-wal
shopify_ai.db-shm
.encryption_key
.jwt_secret

5. Test Auto-Initialization on Restart

# Restart container
docker restart shopify-ai-test

# Check logs
docker logs shopify-ai-test | tail -20

Expected:

✅ Database already exists

6. Test Migration in Container

# Copy sample JSON files
docker exec shopify-ai-test sh -c 'cat > /home/web/data/.data/users.json << EOF
[{"id":"user1","email":"test@example.com","passwordHash":"test"}]
EOF'

# Run migration
docker exec shopify-ai-test node /opt/webchat/scripts/migrate-to-database.js

7. Verify Tables

docker exec shopify-ai-test sqlite3 /home/web/data/.data/shopify_ai.db ".tables"

Expected output:

affiliates         payment_sessions   token_blacklist
audit_log          refresh_tokens     users
contact_messages   sessions           withdrawals
feature_requests

8. Check Encryption Keys Persisted

docker exec shopify-ai-test cat /home/web/data/.data/.encryption_key
docker exec shopify-ai-test cat /home/web/data/.data/.jwt_secret

Save these keys to your environment configuration!

9. Test JSON Fallback Mode

# Stop container
docker stop shopify-ai-test
docker rm shopify-ai-test

# Start with JSON mode
docker run -d \
  --name shopify-ai-test \
  -p 4500:4500 \
  -e USE_JSON_DATABASE=1 \
  -v shopify-data:/home/web/data \
  shopify-ai-builder:test

# Check logs
docker logs shopify-ai-test | grep "JSON"

Expected:

📁 Running in JSON compatibility mode

10. Cleanup

docker stop shopify-ai-test
docker rm shopify-ai-test
docker volume rm shopify-data

Production Deployment

Environment Variables Required

# Required
DATABASE_ENCRYPTION_KEY=<64-char-hex>  # Generate: openssl rand -hex 32
JWT_SECRET=<64-char-hex>               # Generate: openssl rand -hex 32

# Optional
DATABASE_PATH=./.data/shopify_ai.db
DATABASE_BACKUP_ENABLED=1
DATABASE_WAL_MODE=1
USE_JSON_DATABASE=0  # Set to 1 for JSON mode
JWT_ACCESS_TOKEN_TTL=900         # 15 minutes
JWT_REFRESH_TOKEN_TTL=604800     # 7 days

First Deployment

  1. Generate keys and save them securely
  2. Deploy container with environment variables
  3. Verify logs show database initialization
  4. Save generated keys from logs if not pre-set
  5. Test authentication (once integrated)

Subsequent Deployments

  1. Use same keys from first deployment
  2. Database persists via volume
  3. No migration needed unless upgrading from JSON

Rollback to JSON

If issues occur:

  1. Set USE_JSON_DATABASE=1
  2. Restart container
  3. System uses JSON files
  4. Original JSON backups preserved

Troubleshooting

Database Not Found

# Check data directory
ls -la /home/web/data/.data/

# Re-run initialization
node scripts/init-database.js

Encryption Error

# Verify key is 64 characters (hex)
echo $DATABASE_ENCRYPTION_KEY | wc -c  # Should be 65 (64 + newline)

# Regenerate if needed
export DATABASE_ENCRYPTION_KEY=$(openssl rand -hex 32)

Migration Failed

# Check JSON files exist
ls -la .data/*.json

# Check database exists
ls -la .data/shopify_ai.db

# View backup
ls -la .data/migration_backup_*/

Permission Issues

# In container
chown -R root:root /home/web/data
chmod -R 755 /home/web/data

Security Checklist

  • Encryption keys generated securely
  • Keys stored in secure environment (not in code)
  • Database file permissions restricted (600/700)
  • Backup encryption keys offline
  • Test rollback procedure
  • Verify audit logging works
  • Test session revocation
  • Test token refresh

Next Steps

  1. Database implementation complete
  2. Encryption working
  3. Migration tested
  4. Integrate with server.js authentication
  5. Add auth API endpoints
  6. End-to-end testing
  7. Production deployment

Support

For issues:

  1. Check logs: docker logs <container>
  2. Verify environment variables
  3. Test locally first
  4. Review DATABASE_IMPLEMENTATION.md
Reference in New Issue View Git Blame Copy Permalink