package main

import (
	"os"
	"strings"
	"testing"
)

func TestSecurity_9_2_1_ServerPortExposureConfiguration(t *testing.T) {
	if serverAddr != ":3000" {
		t.Fatalf("expected only configured server address to be :3000, got %q", serverAddr)
	}

	data, err := os.ReadFile("main.go")
	if err != nil {
		t.Fatalf("failed reading main.go: %v", err)
	}
	content := string(data)
	if strings.Count(content, "ListenAndServe(") != 1 {
		t.Fatalf("expected exactly one ListenAndServe call in main.go")
	}
}

func TestSecurity_9_2_2_IntendedForReverseProxyDocumentation(t *testing.T) {
	data, err := os.ReadFile("../../web/nginx.conf")
	if err != nil {
		t.Fatalf("failed reading web/nginx.conf: %v", err)
	}
	content := strings.ToLower(string(data))
	if !strings.Contains(content, "location /api/") || !strings.Contains(content, "proxy_pass http://backend:3000") {
		t.Fatalf("expected nginx proxy configuration for backend:3000")
	}
}