Initial commit: WealthWise financial analytics platform
This commit is contained in:
193
backend/tests/test_auth_new.py
Normal file
193
backend/tests/test_auth_new.py
Normal file
@@ -0,0 +1,193 @@
|
||||
"""Tests for self-hosted authentication system.
|
||||
|
||||
This module tests the JWT-based authentication with OAuth2 Password Flow.
|
||||
"""
|
||||
|
||||
import pytest
|
||||
from fastapi.testclient import TestClient
|
||||
from sqlalchemy import select
|
||||
from sqlmodel.ext.asyncio.session import AsyncSession
|
||||
|
||||
from app.core.security import create_access_token, get_password_hash, verify_password
|
||||
from app.main import app
|
||||
from app.models import User
|
||||
from app.schemas.user import UserCreate
|
||||
|
||||
client = TestClient(app)
|
||||
|
||||
|
||||
class TestSecurityUtilities:
|
||||
"""Test cases for security utilities."""
|
||||
|
||||
def test_password_hashing(self):
|
||||
"""Test password hashing and verification."""
|
||||
password = "testpassword123"
|
||||
hashed = get_password_hash(password)
|
||||
|
||||
# Hash should be different from plain password
|
||||
assert hashed != password
|
||||
# Verification should succeed
|
||||
assert verify_password(password, hashed) is True
|
||||
# Wrong password should fail
|
||||
assert verify_password("wrongpassword", hashed) is False
|
||||
|
||||
def test_create_access_token(self):
|
||||
"""Test JWT token creation."""
|
||||
data = {"sub": "123e4567-e89b-12d3-a456-426614174000"}
|
||||
token = create_access_token(data)
|
||||
|
||||
assert token is not None
|
||||
assert isinstance(token, str)
|
||||
# JWT tokens have 3 parts separated by dots
|
||||
assert len(token.split(".")) == 3
|
||||
|
||||
|
||||
class TestAuthEndpoints:
|
||||
"""Test cases for authentication endpoints."""
|
||||
|
||||
def test_register_success(self):
|
||||
"""Test successful user registration."""
|
||||
response = client.post(
|
||||
"/api/v1/auth/register",
|
||||
json={
|
||||
"email": "test@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 201
|
||||
data = response.json()
|
||||
assert data["email"] == "test@wealthwise.app"
|
||||
assert "id" in data
|
||||
assert "hashed_password" not in data
|
||||
assert data["is_active"] is True
|
||||
|
||||
def test_register_duplicate_email(self):
|
||||
"""Test registration with duplicate email."""
|
||||
# First registration
|
||||
client.post(
|
||||
"/api/v1/auth/register",
|
||||
json={
|
||||
"email": "duplicate@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
# Second registration with same email
|
||||
response = client.post(
|
||||
"/api/v1/auth/register",
|
||||
json={
|
||||
"email": "duplicate@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 400
|
||||
assert "email already registered" in response.json()["detail"].lower()
|
||||
|
||||
def test_login_success(self):
|
||||
"""Test successful login."""
|
||||
# Register first
|
||||
client.post(
|
||||
"/api/v1/auth/register",
|
||||
json={
|
||||
"email": "login@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
# Login
|
||||
response = client.post(
|
||||
"/api/v1/auth/token",
|
||||
data={
|
||||
"username": "login@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert "access_token" in data
|
||||
assert data["token_type"] == "bearer"
|
||||
|
||||
def test_login_invalid_credentials(self):
|
||||
"""Test login with invalid credentials."""
|
||||
response = client.post(
|
||||
"/api/v1/auth/token",
|
||||
data={
|
||||
"username": "nonexistent@wealthwise.app",
|
||||
"password": "wrongpassword",
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 401
|
||||
|
||||
def test_login_wrong_password(self):
|
||||
"""Test login with wrong password."""
|
||||
# Register first
|
||||
client.post(
|
||||
"/api/v1/auth/register",
|
||||
json={
|
||||
"email": "wrongpass@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
# Login with wrong password
|
||||
response = client.post(
|
||||
"/api/v1/auth/token",
|
||||
data={
|
||||
"username": "wrongpass@wealthwise.app",
|
||||
"password": "wrongpassword",
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
class TestProtectedEndpoints:
|
||||
"""Test cases for protected endpoints."""
|
||||
|
||||
def test_me_without_auth(self):
|
||||
"""Test accessing /me without authentication."""
|
||||
response = client.get("/api/v1/users/me")
|
||||
assert response.status_code == 401
|
||||
|
||||
def test_me_with_valid_token(self):
|
||||
"""Test accessing /me with valid token."""
|
||||
# Register and login
|
||||
register_response = client.post(
|
||||
"/api/v1/auth/register",
|
||||
json={
|
||||
"email": "protected@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
login_response = client.post(
|
||||
"/api/v1/auth/token",
|
||||
data={
|
||||
"username": "protected@wealthwise.app",
|
||||
"password": "testpassword123",
|
||||
},
|
||||
)
|
||||
|
||||
token = login_response.json()["access_token"]
|
||||
|
||||
# Access protected endpoint
|
||||
response = client.get(
|
||||
"/api/v1/users/me",
|
||||
headers={"Authorization": f"Bearer {token}"},
|
||||
)
|
||||
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert data["email"] == "protected@wealthwise.app"
|
||||
|
||||
def test_me_with_invalid_token(self):
|
||||
"""Test accessing /me with invalid token."""
|
||||
response = client.get(
|
||||
"/api/v1/users/me",
|
||||
headers={"Authorization": "Bearer invalid-token"},
|
||||
)
|
||||
assert response.status_code == 401
|
||||
Reference in New Issue
Block a user