114 lines
3.7 KiB
Python
114 lines
3.7 KiB
Python
"""Test API routes"""
|
|
import pytest
|
|
|
|
|
|
class TestAuthRoutes:
|
|
"""Test authentication routes"""
|
|
|
|
@pytest.mark.auth
|
|
def test_register_success(self, client):
|
|
"""Test successful user registration"""
|
|
response = client.post(
|
|
"/api/auth/register",
|
|
json={
|
|
"email": "newuser@example.com",
|
|
"password": "password123",
|
|
"username": "newuser",
|
|
"first_name": "New",
|
|
"last_name": "User",
|
|
},
|
|
)
|
|
|
|
assert response.status_code == 201
|
|
data = response.get_json()
|
|
assert data["email"] == "newuser@example.com"
|
|
assert data["username"] == "newuser"
|
|
assert "password" not in data
|
|
assert "password_hash" not in data
|
|
|
|
@pytest.mark.auth
|
|
def test_register_missing_fields(self, client):
|
|
"""Test registration with missing required fields"""
|
|
response = client.post(
|
|
"/api/auth/register", json={"email": "newuser@example.com"}
|
|
)
|
|
|
|
assert response.status_code == 400
|
|
data = response.get_json()
|
|
assert "error" in data
|
|
|
|
@pytest.mark.auth
|
|
def test_register_duplicate_email(self, client, regular_user):
|
|
"""Test registration with duplicate email"""
|
|
response = client.post(
|
|
"/api/auth/register",
|
|
json={"email": regular_user.email, "password": "password123"},
|
|
)
|
|
|
|
assert response.status_code == 400
|
|
data = response.get_json()
|
|
assert "already exists" in data["error"].lower()
|
|
|
|
@pytest.mark.auth
|
|
def test_login_success(self, client, regular_user):
|
|
"""Test successful login"""
|
|
response = client.post(
|
|
"/api/auth/login",
|
|
json={"email": regular_user.email, "password": "password123"},
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
data = response.get_json()
|
|
assert "access_token" in data
|
|
assert "refresh_token" in data
|
|
assert data["user"]["email"] == regular_user.email
|
|
|
|
@pytest.mark.auth
|
|
@pytest.mark.parametrize(
|
|
"email,password,expected_status",
|
|
[
|
|
("wrong@example.com", "password123", 401),
|
|
("user@example.com", "wrongpassword", 401),
|
|
(None, "password123", 400),
|
|
("user@example.com", None, 400),
|
|
],
|
|
)
|
|
def test_login_validation(
|
|
self, client, regular_user, email, password, expected_status
|
|
):
|
|
"""Test login with various invalid inputs"""
|
|
login_data = {}
|
|
if email is not None:
|
|
login_data["email"] = email
|
|
if password is not None:
|
|
login_data["password"] = password
|
|
|
|
response = client.post("/api/auth/login", json=login_data)
|
|
assert response.status_code == expected_status
|
|
|
|
@pytest.mark.auth
|
|
def test_login_inactive_user(self, client, inactive_user):
|
|
"""Test login with inactive user"""
|
|
response = client.post(
|
|
"/api/auth/login",
|
|
json={"email": inactive_user.email, "password": "password123"},
|
|
)
|
|
|
|
assert response.status_code == 401
|
|
data = response.get_json()
|
|
assert "inactive" in data["error"].lower()
|
|
|
|
@pytest.mark.auth
|
|
def test_get_current_user(self, client, auth_headers, regular_user):
|
|
"""Test getting current user"""
|
|
response = client.get("/api/users/me", headers=auth_headers)
|
|
|
|
assert response.status_code == 200
|
|
data = response.get_json()
|
|
assert data["email"] == regular_user.email
|
|
|
|
@pytest.mark.auth
|
|
def test_get_current_user_unauthorized(self, client):
|
|
"""Test getting current user without authentication"""
|
|
response = client.get("/api/users/me")
|
|
assert response.status_code == 401
|