"""
Tests for authentication routes.
"""
import pytest
from httpx import AsyncClient
@pytest.mark.asyncio
class TestAuthRegister:
    """Tests for POST /api/v1/auth/register: one success path, two rejections."""

    async def test_register_success(self, client: AsyncClient):
        """A well-formed registration yields 201 and a bearer token pair."""
        payload = {
            "email": "newuser@example.com",
            "password": "securepass123",
            "full_name": "New User",
        }
        resp = await client.post("/api/v1/auth/register", json=payload)

        assert resp.status_code == 201
        body = resp.json()
        # Both tokens must be present; their contents are not inspected here.
        for token_key in ("access_token", "refresh_token"):
            assert token_key in body
        assert body["token_type"] == "bearer"

    async def test_register_duplicate_email(self, client: AsyncClient, test_user):
        """Registering an address that is already taken is rejected with 409."""
        # `test_user` is requested only for its side effect; presumably it
        # creates test@example.com (fixture defined outside this file - confirm).
        payload = {
            "email": "test@example.com",  # already exists
            "password": "securepass123",
            "full_name": "Duplicate User",
        }
        resp = await client.post("/api/v1/auth/register", json=payload)

        assert resp.status_code == 409
        # NOTE(review): a distinct "already registered" reply tells the caller
        # that the address has an account; confirm this disclosure is intended.
        detail = resp.json()["detail"]
        assert "already registered" in detail

    async def test_register_invalid_email(self, client: AsyncClient):
        """A syntactically invalid e-mail address is refused with 422."""
        payload = {
            "email": "not-an-email",
            "password": "securepass123",
            "full_name": "Bad Email User",
        }
        resp = await client.post("/api/v1/auth/register", json=payload)

        assert resp.status_code == 422
@pytest.mark.asyncio
class TestAuthLogin:
    """Tests for POST /api/v1/auth/login with good and bad credentials."""

    async def test_login_success(self, client: AsyncClient, test_user):
        """Correct credentials return 200 together with both tokens."""
        # Credentials presumably match the `test_user` fixture, which is
        # defined outside this file - confirm against the fixture.
        credentials = {"email": "test@example.com", "password": "testpass123"}
        resp = await client.post("/api/v1/auth/login", json=credentials)

        assert resp.status_code == 200
        body = resp.json()
        for token_key in ("access_token", "refresh_token"):
            assert token_key in body

    async def test_login_wrong_password(self, client: AsyncClient, test_user):
        """A wrong password for an existing account is answered with 401."""
        credentials = {"email": "test@example.com", "password": "wrongpass"}
        resp = await client.post("/api/v1/auth/login", json=credentials)

        assert resp.status_code == 401
        detail = resp.json()["detail"]
        assert "Invalid" in detail

    async def test_login_nonexistent_user(self, client: AsyncClient):
        """An unknown e-mail address is answered with 401 as well."""
        # NOTE(review): only the status code is compared with the
        # wrong-password case. Asserting that the `detail` text is identical
        # in both cases would pin that the reply does not reveal whether an
        # account exists.
        credentials = {"email": "nobody@example.com", "password": "whatever"}
        resp = await client.post("/api/v1/auth/login", json=credentials)

        assert resp.status_code == 401
@pytest.mark.asyncio
class TestAuthMe:
    """Tests for GET /api/v1/auth/me with valid, missing and bogus credentials."""

    async def test_get_me_authenticated(self, client: AsyncClient, auth_headers):
        """Valid auth headers return the profile of the test account."""
        # `auth_headers` is a fixture defined outside this file; presumably it
        # carries a bearer token for test@example.com - confirm.
        resp = await client.get("/api/v1/auth/me", headers=auth_headers)

        assert resp.status_code == 200
        profile = resp.json()
        assert profile["email"] == "test@example.com"
        assert profile["full_name"] == "Test User"

    async def test_get_me_unauthenticated(self, client: AsyncClient):
        """A request without any Authorization header is rejected with 401."""
        resp = await client.get("/api/v1/auth/me")

        assert resp.status_code == 401

    async def test_get_me_invalid_token(self, client: AsyncClient):
        """A malformed bearer token is rejected with 401."""
        # Covers only a token that is not well-formed; expired or wrongly
        # signed tokens are not exercised by this class.
        bogus_headers = {"Authorization": "Bearer invalid-token"}
        resp = await client.get("/api/v1/auth/me", headers=bogus_headers)

        assert resp.status_code == 401
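@pytest.mark.asyncio
class TestAuthRefresh:
    """Tests for POST /api/v1/auth/refresh with a real and a bogus token."""

    async def test_refresh_token(self, client: AsyncClient, test_user):
        """A refresh token obtained from login can be exchanged for new tokens."""
        # First login to get tokens
        login_resp = await client.post(
            "/api/v1/auth/login",
            json={"email": "test@example.com", "password": "testpass123"},
        )
        # Fail here with a clear message if the precondition is broken, rather
        # than with a KeyError on the missing "refresh_token" key below.
        assert login_resp.status_code == 200
        refresh_token = login_resp.json()["refresh_token"]

        # Refresh
        response = await client.post(
            "/api/v1/auth/refresh",
            json={"refresh_token": refresh_token},
        )
        assert response.status_code == 200
        data = response.json()
        assert "access_token" in data
        assert "refresh_token" in data
        # NOTE(review): nothing here checks whether the original refresh token
        # is rejected after use. If the service is meant to rotate refresh
        # tokens, a second request with `refresh_token` expecting 401 would
        # pin that behaviour.

    async def test_refresh_invalid_token(self, client: AsyncClient):
        """A refresh token the service never issued is rejected with 401."""
        response = await client.post(
            "/api/v1/auth/refresh",
            json={"refresh_token": "invalid-refresh-token"},
        )
        assert response.status_code == 401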