File size: 4,234 Bytes
56d23bb | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 | """
Tests for authentication routes.
"""
import pytest
from httpx import AsyncClient
@pytest.mark.asyncio
class TestAuthRegister:
async def test_register_success(self, client: AsyncClient):
response = await client.post(
"/api/v1/auth/register",
json={
"email": "newuser@example.com",
"password": "securepass123",
"full_name": "New User",
},
)
assert response.status_code == 201
data = response.json()
assert "access_token" in data
assert "refresh_token" in data
assert data["token_type"] == "bearer"
async def test_register_duplicate_email(self, client: AsyncClient, test_user):
response = await client.post(
"/api/v1/auth/register",
json={
"email": "test@example.com", # already exists
"password": "securepass123",
"full_name": "Duplicate User",
},
)
assert response.status_code == 409
assert "already registered" in response.json()["detail"]
async def test_register_invalid_email(self, client: AsyncClient):
response = await client.post(
"/api/v1/auth/register",
json={
"email": "not-an-email",
"password": "securepass123",
"full_name": "Bad Email User",
},
)
assert response.status_code == 422
@pytest.mark.asyncio
class TestAuthLogin:
async def test_login_success(self, client: AsyncClient, test_user):
response = await client.post(
"/api/v1/auth/login",
json={"email": "test@example.com", "password": "testpass123"},
)
assert response.status_code == 200
data = response.json()
assert "access_token" in data
assert "refresh_token" in data
async def test_login_wrong_password(self, client: AsyncClient, test_user):
response = await client.post(
"/api/v1/auth/login",
json={"email": "test@example.com", "password": "wrongpass"},
)
assert response.status_code == 401
assert "Invalid" in response.json()["detail"]
async def test_login_nonexistent_user(self, client: AsyncClient):
response = await client.post(
"/api/v1/auth/login",
json={"email": "nobody@example.com", "password": "whatever"},
)
assert response.status_code == 401
@pytest.mark.asyncio
class TestAuthMe:
async def test_get_me_authenticated(self, client: AsyncClient, auth_headers):
response = await client.get("/api/v1/auth/me", headers=auth_headers)
assert response.status_code == 200
data = response.json()
assert data["email"] == "test@example.com"
assert data["full_name"] == "Test User"
async def test_get_me_unauthenticated(self, client: AsyncClient):
response = await client.get("/api/v1/auth/me")
assert response.status_code == 401
async def test_get_me_invalid_token(self, client: AsyncClient):
response = await client.get(
"/api/v1/auth/me",
headers={"Authorization": "Bearer invalid-token"},
)
assert response.status_code == 401
@pytest.mark.asyncio
class TestAuthRefresh:
async def test_refresh_token(self, client: AsyncClient, test_user):
# First login to get tokens
login_resp = await client.post(
"/api/v1/auth/login",
json={"email": "test@example.com", "password": "testpass123"},
)
refresh_token = login_resp.json()["refresh_token"]
# Refresh
response = await client.post(
"/api/v1/auth/refresh",
json={"refresh_token": refresh_token},
)
assert response.status_code == 200
data = response.json()
assert "access_token" in data
assert "refresh_token" in data
async def test_refresh_invalid_token(self, client: AsyncClient):
response = await client.post(
"/api/v1/auth/refresh",
json={"refresh_token": "invalid-refresh-token"},
)
assert response.status_code == 401
|