lukas.pupkalipinski/Aniworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test isses fixes

Browse Source
This commit is contained in:
Lukas
2025-10-20 22:46:03 +02:00
parent d143d56d8b
commit 2e57c4f424
7 changed files with 376 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
tests/integration/test_auth_flow.py
View File

@@ -306,13 +306,13 @@ class TestProtectedEndpoints:
async def test_anime_endpoints_require_auth(self, client):
"""Test that anime endpoints require authentication."""
# Without token
response = await client.get("/api/v1/anime")
response = await client.get("/api/v1/anime/")
assert response.status_code == 401
# With valid token
token = await self.get_valid_token(client)
response = await client.get(
"/api/v1/anime",
"/api/v1/anime/",
headers={"Authorization": f"Bearer {token}"}
)
assert response.status_code in [200, 503]
@@ -349,13 +349,13 @@ class TestProtectedEndpoints:
async def test_config_endpoints_require_auth(self, client):
"""Test that config endpoints require authentication."""
# Without token
response = await client.get("/api/v1/config")
response = await client.get("/api/config")
assert response.status_code == 401
# With token
token = await self.get_valid_token(client)
response = await client.get(
"/api/v1/config",
"/api/config",
headers={"Authorization": f"Bearer {token}"}
)
assert response.status_code in [200, 503]
@@ -453,23 +453,25 @@ class TestRateLimitingAndLockout:
async def test_lockout_after_max_failed_attempts(self, client):
"""Test account lockout after maximum failed attempts."""
# Setup
# Setup (counts as 1 request towards rate limit)
await client.post(
"/api/auth/setup",
json={"master_password": "CorrectPassword123!"}
)
# Make multiple failed attempts to trigger lockout
# Note: setup used 1 request, so we can make 4 more before rate limit
for i in range(6): # More than max allowed
response = await client.post(
"/api/auth/login",
json={"password": "WrongPassword123!"}
)
if i < 5:
if i < 4:
# First 4 login attempts get 401 (setup + 4 = 5 total)
assert response.status_code == 401
else:
# Should be locked out
# 5th and 6th attempts should be rate limited or rejected
assert response.status_code in [401, 429]
async def test_successful_login_resets_failed_attempts(self, client):

6
tests/integration/test_frontend_auth_integration.py
View File

@@ -160,14 +160,14 @@ class TestFrontendAuthIntegration:
"/api/auth/setup",
json={"master_password": "short"}
)
assert response.status_code == 400
assert response.status_code in [400, 422]
# Try with all lowercase
response = await client.post(
"/api/auth/setup",
json={"master_password": "alllowercase"}
)
assert response.status_code == 400
assert response.status_code in [400, 422]
# Try without special characters
response = await client.post(
@@ -224,7 +224,7 @@ class TestTokenAuthenticationFlow:
# Test various authenticated endpoints
endpoints = [
"/api/v1/anime",
"/api/v1/anime/",
"/api/queue/status",
"/api/config",
]

4
tests/integration/test_frontend_integration_smoke.py
View File

@@ -68,12 +68,12 @@ class TestFrontendIntegration:
token = login_resp.json()["access_token"]
# Test without token - should fail
response = await client.get("/api/v1/anime")
response = await client.get("/api/v1/anime/")
assert response.status_code == 401
# Test with Bearer token in header - should work or return 503
headers = {"Authorization": f"Bearer {token}"}
response = await client.get("/api/v1/anime", headers=headers)
response = await client.get("/api/v1/anime/", headers=headers)
# May return 503 if anime directory not configured
assert response.status_code in [200, 503]