File size: 3,781 Bytes
8ae78b0 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 | import pytest
from fastapi.testclient import TestClient
import uuid
from sqlalchemy.orm import Session
from app.main import app
from app.db.models import User
from app.utils.security import get_password_hash
client = TestClient(app)
def test_create_user():
"""Test user creation endpoint."""
user_data = {
"email": f"test_{uuid.uuid4()}@example.com",
"password": "testpassword",
"first_name": "Test",
"last_name": "User"
}
response = client.post("/api/users/", json=user_data)
assert response.status_code == 201
data = response.json()
assert data["email"] == user_data["email"]
assert "id" in data
assert "hashed_password" not in data
# Clean up - delete the user
# This would require a separate delete endpoint or direct DB access
def test_login_with_email():
"""Test login with email endpoint."""
# Create a test user
user_email = f"test_{uuid.uuid4()}@example.com"
user_password = "testpassword"
user_data = {
"email": user_email,
"password": user_password,
"first_name": "Test",
"last_name": "User"
}
# Create user
client.post("/api/users/", json=user_data)
# Login
login_data = {
"email": user_email,
"password": user_password
}
response = client.post("/api/auth/login/email", json=login_data)
assert response.status_code == 200
data = response.json()
assert "access_token" in data
assert data["token_type"] == "bearer"
# Test with invalid password
login_data["password"] = "wrongpassword"
response = client.post("/api/auth/login/email", json=login_data)
assert response.status_code == 401
def test_login_oauth2():
"""Test OAuth2 login endpoint."""
# Create a test user
user_email = f"test_{uuid.uuid4()}@example.com"
user_password = "testpassword"
user_data = {
"email": user_email,
"password": user_password,
"first_name": "Test",
"last_name": "User"
}
# Create user
client.post("/api/users/", json=user_data)
# Login with OAuth2
login_data = {
"username": user_email, # OAuth2 uses username for email
"password": user_password
}
response = client.post("/api/auth/login", data=login_data)
assert response.status_code == 200
data = response.json()
assert "access_token" in data
assert data["token_type"] == "bearer"
def test_protected_endpoint():
"""Test accessing a protected endpoint."""
# Create a test user
user_email = f"test_{uuid.uuid4()}@example.com"
user_password = "testpassword"
user_data = {
"email": user_email,
"password": user_password,
"first_name": "Test",
"last_name": "User"
}
# Create user
response = client.post("/api/users/", json=user_data)
user_id = response.json()["id"]
# Login
login_data = {
"username": user_email,
"password": user_password
}
response = client.post("/api/auth/login", data=login_data)
token = response.json()["access_token"]
# Access protected endpoint
headers = {"Authorization": f"Bearer {token}"}
# Test /me endpoint
response = client.get("/api/users/me", headers=headers)
assert response.status_code == 200
data = response.json()
assert data["email"] == user_email
# Test user by ID endpoint
response = client.get(f"/api/users/{user_id}", headers=headers)
assert response.status_code == 200
data = response.json()
assert data["email"] == user_email
# Test without token
response = client.get("/api/users/me")
assert response.status_code == 401 |