wenil/amneziavpnphp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a33af60f2d331b44754758ff191b29a9d3614c5b
amneziavpnphp/TESTING.md
T
infosave2007 a33af60f2d Add project files
2025-11-07 13:34:06 +03:00

346 lines
7.4 KiB
Markdown
Raw Blame History

# Testing Guide
This document describes how to test the Amnezia VPN Web Panel.
## Prerequisites
- Docker and Docker Compose installed
- Test VPS server with SSH access (for full deployment testing)
- Amnezia VPN mobile app (Android/iOS) for QR code testing
## Quick Test Setup
### 1. Start the Application
```bash
cd amnezia-web-panel
docker compose up -d
```
### 2. Access the Panel
Open browser: `http://localhost:8082`
### 3. Login
Default credentials:
- Email: `admin@amnez.ia`
- Password: `admin123`
## Unit Tests
### Test QR Code Generation
```bash
docker compose exec web php test_qr.php
```
Expected output:
```
✅ Success! QR code generation working correctly.
```
This creates `test_qr.png` in the project root.
### Verify QR Code Payload
```bash
# Compare payload with original implementation
php /tmp/test_compare_qr.php
```
The payload should match exactly with the original Amnezia QR format.
## Integration Tests
### Test 1: User Registration
1. Logout from admin account
2. Click "Register"
3. Fill in:
- Name: "Test User"
- Email: "test@example.com"
- Password: "testpass123"
4. Click "Register"
5. ✅ Should redirect to dashboard
### Test 2: Server Creation (Without Deployment)
1. Go to "Servers" → "Add Server"
2. Fill in:
- Name: "Test Server"
- Host: "192.168.1.100"
- Port: 22
- Username: "root"
- Password: "dummy"
3. Click "Add Server" (will fail at deployment, but server record created)
4. ✅ Should see server in list with "pending" status
### Test 3: Full Server Deployment (Requires Real VPS)
**Prerequisites**: Remote Linux server with SSH access
1. Go to "Servers" → "Add Server"
2. Fill in real server credentials:
- Name: "Production Server 1"
- Host: "your.server.ip"
- Port: 22
- Username: "root"
- Password: "your_ssh_password"
3. Click "Add Server"
4. Wait for deployment (5-10 minutes)
5. ✅ Server status should change to "active"
6. ✅ Server should show public key and VPN port
### Test 4: Client Creation
**Prerequisites**: Active server from Test 3
1. Click on active server
2. In "Create Client" section, enter name: "test-client-1"
3. Click "Create"
4. ✅ Should redirect to client view page
5. ✅ Should see QR code displayed
6. ✅ "Download Config" button should work
### Test 5: QR Code Scanning
**Prerequisites**: Amnezia VPN app installed on phone
1. Create a client (Test 4)
2. Open Amnezia VPN app
3. Tap "Add server" → "Scan QR code"
4. Scan the QR code from web panel
5. ✅ Configuration should be imported successfully
6. ✅ Connect to VPN should work
7. ✅ Check IP address changed (e.g., whatismyip.com)
### Test 6: Configuration Download
1. Go to client details page
2. Click "Download Config"
3. ✅ Should download `.conf` file
4. Open file in text editor
5. ✅ Should contain valid WireGuard config with:
- [Interface] section with PrivateKey, Address, DNS
- AWG parameters (Jc, Jmin, Jmax, S1, S2, H1-H4)
- [Peer] section with PublicKey, PresharedKey, Endpoint
6. Import manually into Amnezia VPN app
7. ✅ Should work same as QR code
### Test 7: Multiple Clients
1. Create 5 clients on same server
2. ✅ Each should get unique IP (10.8.1.2, 10.8.1.3, etc.)
3. ✅ Each should have unique keys
4. ✅ All QR codes should scan successfully
5. Test connections from multiple devices
6. ✅ All should connect simultaneously
### Test 8: Client Deletion
1. Go to client details
2. Click "Delete"
3. ✅ Client should be removed from database
4. ⚠️ **Known Issue**: Not yet removed from server wg0.conf
### Test 9: Server Deletion
1. Go to server list
2. Click "Delete" on a server
3. ✅ Server should be removed from database
4. ⚠️ **Known Issue**: Docker container not removed from remote server
### Test 10: Access Control
1. Create new user account
2. Login as new user
3. Create a server
4. Logout and login as admin
5. ✅ Admin should see all servers (including user's)
6. Login as regular user
7. ✅ Regular user should only see their own servers
## Security Tests
### Test 11: SQL Injection Protection
Try creating server with malicious name:
```
Name: Test'; DROP TABLE vpn_servers; --
```
✅ Should be safely escaped, no SQL error
### Test 12: XSS Protection
Try creating client with script tag:
```
Name: <script>alert('XSS')</script>
```
✅ Should be HTML-escaped in output
### Test 13: Authentication
1. Logout
2. Try accessing `/dashboard` directly
3. ✅ Should redirect to login page
### Test 14: Password Security
1. Check database:
```bash
docker compose exec db mysql -u amnezia -pamnezia123 amnezia_panel
SELECT password FROM users LIMIT 1;
```
✅ Password should be bcrypt hash, not plaintext
## Performance Tests
### Test 15: Multiple Concurrent Requests
```bash
# Install Apache Bench
sudo apt install apache2-utils
# Test login endpoint
ab -n 100 -c 10 -p login.txt -T application/x-www-form-urlencoded http://localhost:8082/login
```
✅ Should handle 100 requests without errors
### Test 16: Database Connection Pooling
Create 10 clients rapidly:
```bash
for i in {1..10}; do
curl -X POST http://localhost:8082/servers/1/clients/create \
-d "name=client$i" \
-b cookies.txt
done
```
✅ Should complete without connection errors
## Browser Compatibility
Test in:
- ✅ Chrome/Edge (Chromium)
- ✅ Firefox
- ✅ Safari
- ✅ Mobile browsers (iOS Safari, Chrome Android)
## Docker Tests
### Test 17: Container Health
```bash
docker compose ps
```
✅ Both containers should be "Up" and healthy
### Test 18: Volume Persistence
```bash
# Stop containers
docker compose down
# Start again
docker compose up -d
# Login
```
✅ All data should persist (servers, clients, users)
### Test 19: Logs
```bash
docker compose logs -f web
docker compose logs -f db
```
✅ No errors in logs during normal operation
## Troubleshooting
### QR Code Not Displaying
Check:
```bash
docker compose exec web php test_qr.php
```
If fails, check:
- GD extension installed: `php -m | grep gd`
- Composer dependencies: `composer show endroid/qr-code`
### Can't Connect to Database
Check:
```bash
docker compose exec web php -r "
\$pdo = new PDO('mysql:host=db;dbname=amnezia_panel', 'amnezia', 'amnezia123');
echo 'Connected successfully';
"
```
### SSH Deployment Fails
Test SSH manually:
```bash
sshpass -p 'yourpassword' ssh -o StrictHostKeyChecking=no root@server.ip 'echo OK'
```
## Test Checklist
Before releasing or deploying:
- [ ] All unit tests pass
- [ ] QR code generation works
- [ ] Server deployment works on real VPS
- [ ] Client creation works
- [ ] QR codes scan in Amnezia app
- [ ] VPN connection works
- [ ] Multiple clients work simultaneously
- [ ] Authentication works
- [ ] Access control works (user/admin)
- [ ] SQL injection protected
- [ ] XSS protected
- [ ] CSRF protection (if implemented)
- [ ] Password hashing verified
- [ ] All browsers work
- [ ] Mobile responsive
- [ ] Docker containers healthy
- [ ] Data persists after restart
- [ ] No errors in logs
- [ ] README instructions accurate
- [ ] Default password changed
## Automated Testing (Future)
Consider implementing:
- PHPUnit for unit tests
- Selenium for browser automation
- GitHub Actions for CI/CD
- Code coverage reports
- Automated security scanning
## Reporting Issues
When reporting bugs, include:
1. Steps to reproduce
2. Expected behavior
3. Actual behavior
4. Docker logs: `docker compose logs`
5. Browser console errors
6. PHP version: `docker compose exec web php -v`
7. MySQL version: `docker compose exec db mysql -V`
---
Happy Testing! 🧪
Reference in New Issue View Git Blame Copy Permalink