from app.core.security import get_password_hash, verify_password, validate_password_strength, create_access_token, decode_access_token from app.models.user import User import pytest def test_password_strength(): # Valid passwords assert validate_password_strength("strongpassword123") is True assert validate_password_strength("!@#$RFVTGB%^") is True # Invalid passwords (too short) assert validate_password_strength("short") is False assert validate_password_strength("") is False def test_password_hashing(): password = "MySecurePassword123" hashed = get_password_hash(password) assert hashed != password assert verify_password(password, hashed) is True assert verify_password("wrong_password", hashed) is False def test_jwt_token(): user_id = "550e8400-e29b-41d4-a716-446655440000" token = create_access_token(subject=user_id) assert token is not None decoded = decode_access_token(token) assert decoded == user_id def test_user_creation(db_session): email = "test@example.com" pwd_hash = get_password_hash("password123") user = User(email=email, password_hash=pwd_hash) db_session.add(user) db_session.commit() db_user = db_session.query(User).filter(User.email == email).first() assert db_user is not None assert db_user.email == email assert verify_password("password123", db_user.password_hash) is True