"""Test API routes"""
import pytest


class TestAuthRoutes:
    """Test authentication routes"""

    @pytest.mark.auth
    def test_register_success(self, client):
        """Test successful user registration"""
        response = client.post(
            "/api/auth/register",
            json={
                "email": "newuser@example.com",
                "password": "password123",
                "username": "newuser",
                "first_name": "New",
                "last_name": "User",
            },
        )

        assert response.status_code == 201
        data = response.get_json()
        assert data["email"] == "newuser@example.com"
        assert data["username"] == "newuser"
        assert "password" not in data
        assert "password_hash" not in data

    @pytest.mark.auth
    def test_register_missing_fields(self, client):
        """Test registration with missing required fields"""
        response = client.post(
            "/api/auth/register", json={"email": "newuser@example.com"}
        )

        assert response.status_code == 400
        data = response.get_json()
        assert "error" in data

    @pytest.mark.auth
    def test_register_duplicate_email(self, client, regular_user):
        """Test registration with duplicate email"""
        response = client.post(
            "/api/auth/register",
            json={"email": regular_user.email, "password": "password123"},
        )

        assert response.status_code == 400
        data = response.get_json()
        assert "already exists" in data["error"].lower()

    @pytest.mark.auth
    def test_login_success(self, client, regular_user):
        """Test successful login"""
        response = client.post(
            "/api/auth/login",
            json={"email": regular_user.email, "password": "password123"},
        )

        assert response.status_code == 200
        data = response.get_json()
        assert "access_token" in data
        assert "refresh_token" in data
        assert data["user"]["email"] == regular_user.email

    @pytest.mark.auth
    @pytest.mark.parametrize(
        "email,password,expected_status",
        [
            ("wrong@example.com", "password123", 401),
            ("user@example.com", "wrongpassword", 401),
            (None, "password123", 400),
            ("user@example.com", None, 400),
        ],
    )
    def test_login_validation(
        self, client, regular_user, email, password, expected_status
    ):
        """Test login with various invalid inputs"""
        login_data = {}
        if email is not None:
            login_data["email"] = email
        if password is not None:
            login_data["password"] = password

        response = client.post("/api/auth/login", json=login_data)
        assert response.status_code == expected_status

    @pytest.mark.auth
    def test_login_inactive_user(self, client, inactive_user):
        """Test login with inactive user"""
        response = client.post(
            "/api/auth/login",
            json={"email": inactive_user.email, "password": "password123"},
        )

        assert response.status_code == 401
        data = response.get_json()
        assert "inactive" in data["error"].lower()

    @pytest.mark.auth
    def test_get_current_user(self, client, auth_headers, regular_user):
        """Test getting current user"""
        response = client.get("/api/users/me", headers=auth_headers)

        assert response.status_code == 200
        data = response.get_json()
        assert data["email"] == regular_user.email

    @pytest.mark.auth
    def test_get_current_user_unauthorized(self, client):
        """Test getting current user without authentication"""
        response = client.get("/api/users/me")
        assert response.status_code == 401