hasher/TESTING.md

# Quick Start & Testing Guide

This guide will help you quickly set up and test the Hasher application.

## 🚀 Quick Start

### 1. Prerequisites Check

Ensure you have:
- ✅ Node.js 18.x or higher (`node --version`)
- ✅ npm (`npm --version`)
- ✅ Redis 7.x or higher running on `localhost:6379`

### 2. Installation

```bash
# Navigate to the project directory
cd hasher

# Install dependencies
npm install

# Start Redis (if not running)
redis-server

# Start the development server
npm run dev
```

The application will be available at: **http://localhost:3000**

### 3. Verify Redis Connection

```bash
# Check health endpoint
curl http://localhost:3000/api/health
```

Expected response:
```json
{
  "status": "ok",
  "redis": {
    "version": "7.2.4",
    "connected": true,
    "memoryUsed": "1.5M"
  }
}
```

---

## 🧪 Testing the Application

### Test 1: Generate Hashes from Plaintext

1. Open http://localhost:3000
2. Enter `password` in the search box
3. Click Search

**Expected Result**: 
- Display all hash values (MD5, SHA1, SHA256, SHA512)
- Message: "These hashes have been saved to the database"

### Test 2: Search for an Existing Hash

1. Copy the MD5 hash from Test 1: `5f4dcc3b5aa765d61d8327deb882cf99`
2. Enter it in the search box
3. Click Search

**Expected Result**:
- Display: "Hash Found!"
- Plaintext: `password`
- All associated hashes displayed

### Test 3: Search for a Non-existent Hash

1. Enter: `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` (32 a's)
2. Click Search

**Expected Result**:
- Display: "Hash Not Found"
- Message: "This hash is not in our database"

### Test 4: Bulk Indexing

```bash
# Index the sample wordlist
npm run index-file sample-wordlist.txt
```

**Expected Output**:
```
📚 Hasher Indexer - Redis Edition
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Redis: localhost:6379
File: sample-wordlist.txt
Batch size: 100

🔗 Connecting to Redis...
✅ Connected successfully

📖 Reading file...
✅ Found 20 words/phrases to process

⏳ Progress: 20/20 (100.0%) - Indexed: 20, Skipped: 0, Errors: 0

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✅ Indexing complete!
```

### Test 5: Search Indexed Words

After running the bulk indexer, search for:
- `admin`
- `123456`
- `qwerty`

All should return their plaintext values.

### Test 6: Remove Duplicates

```bash
# Dry run to preview duplicates
npm run remove-duplicates -- --dry-run --field md5

# Execute removal
npm run remove-duplicates -- --execute --field md5
```

---

## 🔍 API Testing

### Using cURL

**Test Search API**:
```bash
# Search for a hash
curl -X POST http://localhost:3000/api/search \
  -H "Content-Type: application/json" \
  -d '{"query":"5f4dcc3b5aa765d61d8327deb882cf99"}'

# Generate hashes
curl -X POST http://localhost:3000/api/search \
  -H "Content-Type: application/json" \
  -d '{"query":"test123"}'
```

**Test Health API**:
```bash
curl http://localhost:3000/api/health
```

### Using JavaScript Console

Open browser console on http://localhost:3000:

```javascript
// Search for a hash
fetch('/api/search', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ query: '5f4dcc3b5aa765d61d8327deb882cf99' })
})
  .then(r => r.json())
  .then(console.log);

// Generate hashes
fetch('/api/search', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ query: 'mypassword' })
})
  .then(r => r.json())
  .then(console.log);
```

---

## 🎯 Feature Testing Checklist

### UI Features
- [ ] Search input accepts text
- [ ] Search button is clickable
- [ ] Loading spinner shows during search
- [ ] Copy buttons work for all hash values
- [ ] Copy confirmation shows (checkmark)
- [ ] Responsive design works on mobile
- [ ] Dark mode support (if implemented)

### Search Functionality
- [ ] MD5 hashes are detected (32 chars)
- [ ] SHA1 hashes are detected (40 chars)
- [ ] SHA256 hashes are detected (64 chars)
- [ ] SHA512 hashes are detected (128 chars)
- [ ] Case-insensitive search works
- [ ] Plaintext search generates all hashes
- [ ] Results display correctly

### Data Persistence
- [ ] New plaintext is saved to Redis
- [ ] Saved hashes can be found in subsequent searches
- [ ] Bulk indexing saves all entries
- [ ] Duplicate detection works correctly

### Error Handling
- [ ] Redis connection errors are handled
- [ ] Empty search queries are prevented
- [ ] Invalid input is handled gracefully
- [ ] Network errors show user-friendly messages

---

## 🐛 Common Issues & Solutions

### Issue: Cannot connect to Redis

**Solution**:
```bash
# Check if Redis is running
redis-cli ping
# Should respond: PONG

# If not running, start Redis
redis-server

# If using custom host/port, update environment variables
export REDIS_HOST=localhost
export REDIS_PORT=6379
npm run dev
```

### Issue: Module not found errors

**Solution**:
```bash
# Clean install
rm -rf node_modules package-lock.json
npm install
```

### Issue: Port 3000 already in use

**Solution**:
```bash
# Use a different port
PORT=3001 npm run dev
```

### Issue: Bulk indexer script fails

**Solution**:
```bash
# Ensure file exists and has proper permissions
ls -la sample-wordlist.txt

# Run with absolute path
npm run index-file -- "$(pwd)/sample-wordlist.txt"
```

---

## 📊 Verify Data in Redis

### Check Redis Connection
```bash
redis-cli ping
```

### Count Keys
```bash
redis-cli DBSIZE
```

### View Sample Documents
```bash
# List hash document keys
redis-cli --scan --pattern "hash:plaintext:*" | head -5

# Get a specific document
redis-cli GET "hash:plaintext:password"
```

### Check Statistics
```bash
redis-cli HGETALL hash:stats
```

### Search Specific Hash
```bash
# Find plaintext for an MD5 hash
redis-cli GET "hash:index:md5:5f4dcc3b5aa765d61d8327deb882cf99"

# Get the full document
redis-cli GET "hash:plaintext:password"
```

### Monitor Redis Activity
```bash
# Watch commands in real-time
redis-cli MONITOR

# Check memory usage
redis-cli INFO memory
```

---

## 🎨 UI Testing

### Visual Tests
1. Open http://localhost:3000
2. Check the gradient background
3. Verify icon displays correctly
4. Test responsive layout (resize browser)
5. Test on mobile device or emulator

### Interaction Tests
1. Hover over copy buttons (should change color)
2. Click copy button (should show checkmark)
3. Type in search box (should accept input)
4. Submit empty form (should be disabled)
5. Test loading state (network throttling)

---

## 📈 Performance Testing

### Load Test with Apache Bench

```bash
# Install apache bench
sudo apt-get install apache2-utils  # Ubuntu/Debian

# Test search endpoint
ab -n 100 -c 10 -p search.json -T application/json \
   http://localhost:3000/api/search
```

Create `search.json`:
```json
{"query":"password"}
```

### Expected Performance
- Search latency: < 5ms
- Bulk indexing: 5000-15000 docs/sec
- Concurrent requests: 100+

### Redis Performance Testing
```bash
# Benchmark Redis operations
redis-benchmark -t set,get -n 100000 -q

# Test with pipeline
redis-benchmark -t set,get -n 100000 -q -P 16
```

---

## 🔐 Security Testing

### Test Input Validation
- [ ] SQL injection attempts (should be safe - NoSQL)
- [ ] XSS attempts in search input
- [ ] Very long input strings
- [ ] Special characters
- [ ] Unicode characters

### Test API Security
- [ ] CORS configuration
- [ ] Rate limiting (if implemented)
- [ ] Error message information disclosure
- [ ] Redis authentication (if enabled)

### Redis Security Checklist
- [ ] Redis password configured (REDIS_PASSWORD)
- [ ] Redis not exposed to internet
- [ ] Firewall rules configured
- [ ] TLS/SSL enabled (if needed)

---

## ✅ Pre-Production Checklist

Before deploying to production:

- [ ] All tests passing
- [ ] Environment variables configured
- [ ] Redis secured with password
- [ ] Redis persistence configured (RDB/AOF)
- [ ] SSL/TLS certificates installed
- [ ] Error logging configured
- [ ] Monitoring set up
- [ ] Load testing completed
- [ ] Security review done
- [ ] Documentation reviewed
- [ ] Backup strategy in place
- [ ] Redis memory limits configured

---

## 📝 Test Report Template

```markdown
# Test Report - [Date]

## Environment
- Node.js version: 
- Redis version: 
- Browser(s) tested: 

## Test Results

### Functional Tests
- [ ] Hash generation: PASS/FAIL
- [ ] Hash search: PASS/FAIL
- [ ] Bulk indexing: PASS/FAIL
- [ ] API endpoints: PASS/FAIL
- [ ] Duplicate removal: PASS/FAIL

### Issues Found
1. [Description]
   - Steps to reproduce:
   - Expected:
   - Actual:
   - Severity: High/Medium/Low

## Performance
- Average search time: 
- Bulk index rate: 
- Concurrent users tested: 
- Redis memory usage:

## Conclusion
[Summary of testing]
```

---

## 🎓 Next Steps

After successful testing:

1. ✅ Test all features
2. ✅ Fix any issues found
3. ✅ Perform load testing
4. ✅ Review security
5. ✅ Configure Redis persistence
6. ✅ Prepare for deployment

See [DEPLOYMENT.md](DEPLOYMENT.md) for deployment instructions.

---

**Happy Testing! 🎉**