martian7777
feat: implement backend core with ORM models, authentication, and AI-driven telemetry diagnostics
e5be436 | """Authentication endpoint tests.""" | |
| from __future__ import annotations | |
| import pytest | |
| from httpx import AsyncClient | |
| pytestmark = pytest.mark.asyncio | |
| async def test_register_success(client: AsyncClient): | |
| resp = await client.post( | |
| "/api/v1/auth/register", | |
| json={"email": "new@example.com", "password": "password123", "full_name": "New"}, | |
| ) | |
| assert resp.status_code == 201 | |
| body = resp.json() | |
| assert body["email"] == "new@example.com" | |
| assert "hashed_password" not in body | |
| async def test_register_duplicate_conflicts(client: AsyncClient): | |
| payload = {"email": "dup@example.com", "password": "password123"} | |
| first = await client.post("/api/v1/auth/register", json=payload) | |
| assert first.status_code == 201 | |
| second = await client.post("/api/v1/auth/register", json=payload) | |
| assert second.status_code == 409 | |
| async def test_register_weak_password_rejected(client: AsyncClient): | |
| resp = await client.post( | |
| "/api/v1/auth/register", | |
| json={"email": "weak@example.com", "password": "short"}, | |
| ) | |
| assert resp.status_code == 422 | |
| async def test_login_and_me(client: AsyncClient): | |
| await client.post( | |
| "/api/v1/auth/register", | |
| json={"email": "login@example.com", "password": "password123"}, | |
| ) | |
| resp = await client.post( | |
| "/api/v1/auth/login", | |
| data={"username": "login@example.com", "password": "password123"}, | |
| ) | |
| assert resp.status_code == 200 | |
| token = resp.json()["access_token"] | |
| me = await client.get("/api/v1/auth/me", headers={"Authorization": f"Bearer {token}"}) | |
| assert me.status_code == 200 | |
| assert me.json()["email"] == "login@example.com" | |
| async def test_login_wrong_password(client: AsyncClient): | |
| await client.post( | |
| "/api/v1/auth/register", | |
| json={"email": "wrong@example.com", "password": "password123"}, | |
| ) | |
| resp = await client.post( | |
| "/api/v1/auth/login", | |
| data={"username": "wrong@example.com", "password": "incorrect"}, | |
| ) | |
| assert resp.status_code == 401 | |
| async def test_me_requires_auth(client: AsyncClient): | |
| resp = await client.get("/api/v1/auth/me") | |
| assert resp.status_code == 401 | |
| async def test_inactive_user_cannot_authenticate(session_factory): | |
| from app.core.exceptions import AuthenticationError | |
| from app.repositories.user_repo import UserRepository | |
| from app.schemas.user import UserCreate | |
| from app.services.auth_service import AuthService | |
| async with session_factory() as session: | |
| service = AuthService(session) | |
| user = await service.register( | |
| UserCreate(email="inactive@example.com", password="password123") | |
| ) | |
| await UserRepository(session).update(user, is_active=False) | |
| await session.commit() | |
| with pytest.raises(AuthenticationError): | |
| await service.authenticate("inactive@example.com", "password123") | |