""" Tests for authentication routes. """ import pytest from httpx import AsyncClient @pytest.mark.asyncio class TestAuthRegister: async def test_register_success(self, client: AsyncClient): response = await client.post( "/api/v1/auth/register", json={ "email": "newuser@example.com", "password": "securepass123", "full_name": "New User", }, ) assert response.status_code == 201 data = response.json() assert "access_token" in data assert "refresh_token" in data assert data["token_type"] == "bearer" async def test_register_duplicate_email(self, client: AsyncClient, test_user): response = await client.post( "/api/v1/auth/register", json={ "email": "test@example.com", # already exists "password": "securepass123", "full_name": "Duplicate User", }, ) assert response.status_code == 409 assert "already registered" in response.json()["detail"] async def test_register_invalid_email(self, client: AsyncClient): response = await client.post( "/api/v1/auth/register", json={ "email": "not-an-email", "password": "securepass123", "full_name": "Bad Email User", }, ) assert response.status_code == 422 @pytest.mark.asyncio class TestAuthLogin: async def test_login_success(self, client: AsyncClient, test_user): response = await client.post( "/api/v1/auth/login", json={"email": "test@example.com", "password": "testpass123"}, ) assert response.status_code == 200 data = response.json() assert "access_token" in data assert "refresh_token" in data async def test_login_wrong_password(self, client: AsyncClient, test_user): response = await client.post( "/api/v1/auth/login", json={"email": "test@example.com", "password": "wrongpass"}, ) assert response.status_code == 401 assert "Invalid" in response.json()["detail"] async def test_login_nonexistent_user(self, client: AsyncClient): response = await client.post( "/api/v1/auth/login", json={"email": "nobody@example.com", "password": "whatever"}, ) assert response.status_code == 401 @pytest.mark.asyncio class TestAuthMe: async def test_get_me_authenticated(self, client: AsyncClient, auth_headers): response = await client.get("/api/v1/auth/me", headers=auth_headers) assert response.status_code == 200 data = response.json() assert data["email"] == "test@example.com" assert data["full_name"] == "Test User" async def test_get_me_unauthenticated(self, client: AsyncClient): response = await client.get("/api/v1/auth/me") assert response.status_code == 401 async def test_get_me_invalid_token(self, client: AsyncClient): response = await client.get( "/api/v1/auth/me", headers={"Authorization": "Bearer invalid-token"}, ) assert response.status_code == 401 @pytest.mark.asyncio class TestAuthRefresh: async def test_refresh_token(self, client: AsyncClient, test_user): # First login to get tokens login_resp = await client.post( "/api/v1/auth/login", json={"email": "test@example.com", "password": "testpass123"}, ) refresh_token = login_resp.json()["refresh_token"] # Refresh response = await client.post( "/api/v1/auth/refresh", json={"refresh_token": refresh_token}, ) assert response.status_code == 200 data = response.json() assert "access_token" in data assert "refresh_token" in data async def test_refresh_invalid_token(self, client: AsyncClient): response = await client.post( "/api/v1/auth/refresh", json={"refresh_token": "invalid-refresh-token"}, ) assert response.status_code == 401