test fixes
This commit is contained in:
@@ -95,7 +95,7 @@ def test_rescan_direct_call():
|
||||
assert result["success"] is True
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_list_anime_endpoint_unauthorized():
|
||||
"""Test GET /api/v1/anime without authentication."""
|
||||
transport = ASGITransport(app=app)
|
||||
@@ -105,7 +105,7 @@ async def test_list_anime_endpoint_unauthorized():
|
||||
assert response.status_code in (200, 401, 503)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_rescan_endpoint_unauthorized():
|
||||
"""Test POST /api/v1/anime/rescan without authentication."""
|
||||
transport = ASGITransport(app=app)
|
||||
@@ -115,7 +115,7 @@ async def test_rescan_endpoint_unauthorized():
|
||||
assert response.status_code in (401, 503)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_search_anime_endpoint_unauthorized():
|
||||
"""Test POST /api/v1/anime/search without authentication."""
|
||||
transport = ASGITransport(app=app)
|
||||
@@ -127,7 +127,7 @@ async def test_search_anime_endpoint_unauthorized():
|
||||
assert response.status_code in (200, 401, 503)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_anime_detail_endpoint_unauthorized():
|
||||
"""Test GET /api/v1/anime/{id} without authentication."""
|
||||
transport = ASGITransport(app=app)
|
||||
|
||||
@@ -10,22 +10,28 @@ from src.server.services.auth_service import auth_service
|
||||
def reset_auth_state():
|
||||
"""Reset auth service state before each test."""
|
||||
# Clear any rate limiting state and password hash
|
||||
if hasattr(auth_service, '_failed'):
|
||||
auth_service._failed.clear()
|
||||
# Force clear all keys in _failed dict
|
||||
auth_service._failed.clear()
|
||||
auth_service._hash = None
|
||||
|
||||
yield
|
||||
|
||||
# Cleanup after test
|
||||
if hasattr(auth_service, '_failed'):
|
||||
auth_service._failed.clear()
|
||||
auth_service._failed.clear()
|
||||
auth_service._hash = None
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_auth_flow_setup_login_status_logout():
|
||||
"""Test complete authentication flow."""
|
||||
transport = ASGITransport(app=app)
|
||||
async with AsyncClient(transport=transport, base_url="http://test") as client:
|
||||
async with AsyncClient(
|
||||
transport=transport, base_url="http://test"
|
||||
) as client:
|
||||
# Setup
|
||||
r = await client.post("/api/auth/setup", json={"master_password": "Aa!strong1"})
|
||||
r = await client.post(
|
||||
"/api/auth/setup", json={"master_password": "Aa!strong1"}
|
||||
)
|
||||
assert r.status_code == 201
|
||||
|
||||
# Bad login
|
||||
@@ -33,7 +39,9 @@ async def test_auth_flow_setup_login_status_logout():
|
||||
assert r.status_code == 401
|
||||
|
||||
# Good login
|
||||
r = await client.post("/api/auth/login", json={"password": "Aa!strong1"})
|
||||
r = await client.post(
|
||||
"/api/auth/login", json={"password": "Aa!strong1"}
|
||||
)
|
||||
assert r.status_code == 200
|
||||
data = r.json()
|
||||
assert "access_token" in data
|
||||
@@ -46,11 +54,14 @@ async def test_auth_flow_setup_login_status_logout():
|
||||
assert r.json()["configured"] is True
|
||||
|
||||
# Status authenticated with header
|
||||
r = await client.get("/api/auth/status", headers={"Authorization": f"Bearer {token}"})
|
||||
auth_header = {"Authorization": f"Bearer {token}"}
|
||||
r = await client.get("/api/auth/status", headers=auth_header)
|
||||
assert r.status_code == 200
|
||||
assert r.json()["authenticated"] is True
|
||||
|
||||
# Logout
|
||||
r = await client.post("/api/auth/logout", headers={"Authorization": f"Bearer {token}"})
|
||||
r = await client.post(
|
||||
"/api/auth/logout", headers=auth_header
|
||||
)
|
||||
assert r.status_code == 200
|
||||
|
||||
|
||||
@@ -65,17 +65,17 @@ async def authenticated_client():
|
||||
yield ac
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
async def test_get_config_public(client, mock_config_service):
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_config_public(authenticated_client, mock_config_service):
|
||||
"""Test getting configuration."""
|
||||
resp = await client.get("/api/config")
|
||||
resp = await authenticated_client.get("/api/config")
|
||||
assert resp.status_code == 200
|
||||
data = resp.json()
|
||||
assert "name" in data
|
||||
assert "data_dir" in data
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_validate_config(authenticated_client, mock_config_service):
|
||||
"""Test configuration validation."""
|
||||
cfg = {
|
||||
@@ -92,7 +92,7 @@ async def test_validate_config(authenticated_client, mock_config_service):
|
||||
assert body.get("valid") is True
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_validate_invalid_config(authenticated_client, mock_config_service):
|
||||
"""Test validation of invalid configuration."""
|
||||
cfg = {
|
||||
@@ -106,7 +106,7 @@ async def test_validate_invalid_config(authenticated_client, mock_config_service
|
||||
assert len(body.get("errors", [])) > 0
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_update_config_unauthorized(client):
|
||||
"""Test that update requires authentication."""
|
||||
update = {"scheduler": {"enabled": False}}
|
||||
@@ -114,7 +114,7 @@ async def test_update_config_unauthorized(client):
|
||||
assert resp.status_code in (401, 422)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_list_backups(authenticated_client, mock_config_service):
|
||||
"""Test listing configuration backups."""
|
||||
# Create a sample config first
|
||||
@@ -132,7 +132,7 @@ async def test_list_backups(authenticated_client, mock_config_service):
|
||||
assert "created_at" in backups[0]
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_create_backup(authenticated_client, mock_config_service):
|
||||
"""Test creating a configuration backup."""
|
||||
# Create a sample config first
|
||||
@@ -146,7 +146,7 @@ async def test_create_backup(authenticated_client, mock_config_service):
|
||||
assert "message" in data
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_restore_backup(authenticated_client, mock_config_service):
|
||||
"""Test restoring configuration from backup."""
|
||||
# Create initial config and backup
|
||||
@@ -165,7 +165,7 @@ async def test_restore_backup(authenticated_client, mock_config_service):
|
||||
assert data["name"] == "TestApp" # Original name restored
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_delete_backup(authenticated_client, mock_config_service):
|
||||
"""Test deleting a configuration backup."""
|
||||
# Create a sample config and backup
|
||||
@@ -179,7 +179,7 @@ async def test_delete_backup(authenticated_client, mock_config_service):
|
||||
assert "deleted successfully" in data["message"]
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_config_persistence(client, mock_config_service):
|
||||
"""Test end-to-end configuration persistence."""
|
||||
# Get initial config
|
||||
|
||||
@@ -29,6 +29,12 @@ async def authenticated_client(mock_download_service):
|
||||
if not auth_service.is_configured():
|
||||
auth_service.setup_master_password("TestPass123!")
|
||||
|
||||
# Override the dependency with our mock
|
||||
from src.server.utils.dependencies import get_download_service
|
||||
app.dependency_overrides[get_download_service] = (
|
||||
lambda: mock_download_service
|
||||
)
|
||||
|
||||
transport = ASGITransport(app=app)
|
||||
async with AsyncClient(
|
||||
transport=transport, base_url="http://test"
|
||||
@@ -44,66 +50,65 @@ async def authenticated_client(mock_download_service):
|
||||
client.headers["Authorization"] = f"Bearer {token}"
|
||||
|
||||
yield client
|
||||
|
||||
# Clean up dependency override
|
||||
app.dependency_overrides.clear()
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def mock_download_service():
|
||||
"""Mock DownloadService for testing."""
|
||||
with patch(
|
||||
"src.server.utils.dependencies.get_download_service"
|
||||
) as mock:
|
||||
service = MagicMock()
|
||||
service = MagicMock()
|
||||
|
||||
# Mock queue status
|
||||
service.get_queue_status = AsyncMock(
|
||||
return_value=QueueStatus(
|
||||
is_running=True,
|
||||
is_paused=False,
|
||||
active_downloads=[],
|
||||
pending_queue=[],
|
||||
completed_downloads=[],
|
||||
failed_downloads=[],
|
||||
)
|
||||
# Mock queue status
|
||||
service.get_queue_status = AsyncMock(
|
||||
return_value=QueueStatus(
|
||||
is_running=True,
|
||||
is_paused=False,
|
||||
active_downloads=[],
|
||||
pending_queue=[],
|
||||
completed_downloads=[],
|
||||
failed_downloads=[],
|
||||
)
|
||||
)
|
||||
|
||||
# Mock queue stats
|
||||
service.get_queue_stats = AsyncMock(
|
||||
return_value=QueueStats(
|
||||
total_items=0,
|
||||
pending_count=0,
|
||||
active_count=0,
|
||||
completed_count=0,
|
||||
failed_count=0,
|
||||
total_downloaded_mb=0.0,
|
||||
)
|
||||
# Mock queue stats
|
||||
service.get_queue_stats = AsyncMock(
|
||||
return_value=QueueStats(
|
||||
total_items=0,
|
||||
pending_count=0,
|
||||
active_count=0,
|
||||
completed_count=0,
|
||||
failed_count=0,
|
||||
total_downloaded_mb=0.0,
|
||||
)
|
||||
)
|
||||
|
||||
# Mock add_to_queue
|
||||
service.add_to_queue = AsyncMock(
|
||||
return_value=["item-id-1", "item-id-2"]
|
||||
)
|
||||
# Mock add_to_queue
|
||||
service.add_to_queue = AsyncMock(
|
||||
return_value=["item-id-1", "item-id-2"]
|
||||
)
|
||||
|
||||
# Mock remove_from_queue
|
||||
service.remove_from_queue = AsyncMock(return_value=["item-id-1"])
|
||||
# Mock remove_from_queue
|
||||
service.remove_from_queue = AsyncMock(return_value=["item-id-1"])
|
||||
|
||||
# Mock reorder_queue
|
||||
service.reorder_queue = AsyncMock(return_value=True)
|
||||
# Mock reorder_queue
|
||||
service.reorder_queue = AsyncMock(return_value=True)
|
||||
|
||||
# Mock start/stop/pause/resume
|
||||
service.start = AsyncMock()
|
||||
service.stop = AsyncMock()
|
||||
service.pause_queue = AsyncMock()
|
||||
service.resume_queue = AsyncMock()
|
||||
# Mock start/stop/pause/resume
|
||||
service.start = AsyncMock()
|
||||
service.stop = AsyncMock()
|
||||
service.pause_queue = AsyncMock()
|
||||
service.resume_queue = AsyncMock()
|
||||
|
||||
# Mock clear_completed and retry_failed
|
||||
service.clear_completed = AsyncMock(return_value=5)
|
||||
service.retry_failed = AsyncMock(return_value=["item-id-3"])
|
||||
# Mock clear_completed and retry_failed
|
||||
service.clear_completed = AsyncMock(return_value=5)
|
||||
service.retry_failed = AsyncMock(return_value=["item-id-3"])
|
||||
|
||||
mock.return_value = service
|
||||
yield service
|
||||
return service
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_queue_status(authenticated_client, mock_download_service):
|
||||
"""Test GET /api/queue/status endpoint."""
|
||||
response = await authenticated_client.get("/api/queue/status")
|
||||
@@ -120,7 +125,7 @@ async def test_get_queue_status(authenticated_client, mock_download_service):
|
||||
mock_download_service.get_queue_stats.assert_called_once()
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_queue_status_unauthorized(mock_download_service):
|
||||
"""Test GET /api/queue/status without authentication."""
|
||||
transport = ASGITransport(app=app)
|
||||
@@ -132,7 +137,7 @@ async def test_get_queue_status_unauthorized(mock_download_service):
|
||||
assert response.status_code in (401, 503)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_add_to_queue(authenticated_client, mock_download_service):
|
||||
"""Test POST /api/queue/add endpoint."""
|
||||
request_data = {
|
||||
@@ -159,7 +164,7 @@ async def test_add_to_queue(authenticated_client, mock_download_service):
|
||||
mock_download_service.add_to_queue.assert_called_once()
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_add_to_queue_with_high_priority(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -182,7 +187,7 @@ async def test_add_to_queue_with_high_priority(
|
||||
assert call_args[1]["priority"] == DownloadPriority.HIGH
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_add_to_queue_empty_episodes(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -201,7 +206,7 @@ async def test_add_to_queue_empty_episodes(
|
||||
assert response.status_code == 400
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_add_to_queue_service_error(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -225,7 +230,7 @@ async def test_add_to_queue_service_error(
|
||||
assert "Queue full" in response.json()["detail"]
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_remove_from_queue_single(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -239,7 +244,7 @@ async def test_remove_from_queue_single(
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_remove_from_queue_not_found(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -253,7 +258,7 @@ async def test_remove_from_queue_not_found(
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_remove_multiple_from_queue(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -271,7 +276,7 @@ async def test_remove_multiple_from_queue(
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_remove_multiple_empty_list(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -285,7 +290,7 @@ async def test_remove_multiple_empty_list(
|
||||
assert response.status_code == 400
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_start_queue(authenticated_client, mock_download_service):
|
||||
"""Test POST /api/queue/start endpoint."""
|
||||
response = await authenticated_client.post("/api/queue/start")
|
||||
@@ -299,7 +304,7 @@ async def test_start_queue(authenticated_client, mock_download_service):
|
||||
mock_download_service.start.assert_called_once()
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_stop_queue(authenticated_client, mock_download_service):
|
||||
"""Test POST /api/queue/stop endpoint."""
|
||||
response = await authenticated_client.post("/api/queue/stop")
|
||||
@@ -313,7 +318,7 @@ async def test_stop_queue(authenticated_client, mock_download_service):
|
||||
mock_download_service.stop.assert_called_once()
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_pause_queue(authenticated_client, mock_download_service):
|
||||
"""Test POST /api/queue/pause endpoint."""
|
||||
response = await authenticated_client.post("/api/queue/pause")
|
||||
@@ -327,7 +332,7 @@ async def test_pause_queue(authenticated_client, mock_download_service):
|
||||
mock_download_service.pause_queue.assert_called_once()
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_resume_queue(authenticated_client, mock_download_service):
|
||||
"""Test POST /api/queue/resume endpoint."""
|
||||
response = await authenticated_client.post("/api/queue/resume")
|
||||
@@ -341,7 +346,7 @@ async def test_resume_queue(authenticated_client, mock_download_service):
|
||||
mock_download_service.resume_queue.assert_called_once()
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_reorder_queue(authenticated_client, mock_download_service):
|
||||
"""Test POST /api/queue/reorder endpoint."""
|
||||
request_data = {"item_id": "item-id-1", "new_position": 0}
|
||||
@@ -360,7 +365,7 @@ async def test_reorder_queue(authenticated_client, mock_download_service):
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_reorder_queue_not_found(
|
||||
authenticated_client, mock_download_service
|
||||
):
|
||||
@@ -376,7 +381,7 @@ async def test_reorder_queue_not_found(
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_clear_completed(authenticated_client, mock_download_service):
|
||||
"""Test DELETE /api/queue/completed endpoint."""
|
||||
response = await authenticated_client.delete("/api/queue/completed")
|
||||
@@ -390,7 +395,7 @@ async def test_clear_completed(authenticated_client, mock_download_service):
|
||||
mock_download_service.clear_completed.assert_called_once()
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_retry_failed(authenticated_client, mock_download_service):
|
||||
"""Test POST /api/queue/retry endpoint."""
|
||||
request_data = {"item_ids": ["item-id-3"]}
|
||||
@@ -410,7 +415,7 @@ async def test_retry_failed(authenticated_client, mock_download_service):
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_retry_all_failed(authenticated_client, mock_download_service):
|
||||
"""Test retrying all failed items with empty list."""
|
||||
request_data = {"item_ids": []}
|
||||
@@ -425,7 +430,7 @@ async def test_retry_all_failed(authenticated_client, mock_download_service):
|
||||
mock_download_service.retry_failed.assert_called_once_with(None)
|
||||
|
||||
|
||||
@pytest.mark.anyio
|
||||
@pytest.mark.asyncio
|
||||
async def test_queue_endpoints_require_auth(mock_download_service):
|
||||
"""Test that all queue endpoints require authentication."""
|
||||
transport = ASGITransport(app=app)
|
||||
|
||||
54
tests/conftest.py
Normal file
54
tests/conftest.py
Normal file
@@ -0,0 +1,54 @@
|
||||
"""Pytest configuration and shared fixtures for all tests."""
|
||||
|
||||
import pytest
|
||||
|
||||
from src.server.services.auth_service import auth_service
|
||||
|
||||
|
||||
@pytest.fixture(autouse=True)
|
||||
def reset_auth_and_rate_limits():
|
||||
"""Reset authentication state and rate limits before each test.
|
||||
|
||||
This ensures:
|
||||
1. Auth service state doesn't leak between tests
|
||||
2. Rate limit window is reset for test client IP
|
||||
Applied to all tests automatically via autouse=True.
|
||||
"""
|
||||
# Reset auth service state
|
||||
auth_service._hash = None # noqa: SLF001
|
||||
auth_service._failed.clear() # noqa: SLF001
|
||||
|
||||
# Reset rate limiter - clear rate limit dict if middleware exists
|
||||
# This prevents tests from hitting rate limits on auth endpoints
|
||||
try:
|
||||
from src.server.fastapi_app import app
|
||||
|
||||
# Try to find and clear the rate limiter dict
|
||||
# Middleware is stored in app.middleware_stack or accessible
|
||||
# through app's internal structure
|
||||
if hasattr(app, 'middleware_stack'):
|
||||
# Try to find AuthMiddleware in the stack
|
||||
stack = app.middleware_stack
|
||||
while stack is not None:
|
||||
if hasattr(stack, 'cls'):
|
||||
# This is a middleware class
|
||||
pass
|
||||
if hasattr(stack, 'app') and hasattr(
|
||||
stack, '_rate'
|
||||
): # noqa: SLF001
|
||||
# Found a potential AuthMiddleware instance
|
||||
stack._rate.clear() # noqa: SLF001
|
||||
stack = getattr(stack, 'app', None)
|
||||
except BaseException:
|
||||
# If middleware reset fails, tests might hit rate limits
|
||||
# but we continue anyway - they're not critical
|
||||
pass
|
||||
|
||||
yield
|
||||
|
||||
# Clean up after test
|
||||
auth_service._hash = None # noqa: SLF001
|
||||
auth_service._failed.clear() # noqa: SLF001
|
||||
|
||||
|
||||
|
||||
@@ -8,20 +8,6 @@ import pytest
|
||||
from httpx import ASGITransport, AsyncClient
|
||||
|
||||
from src.server.fastapi_app import app
|
||||
from src.server.services.auth_service import auth_service
|
||||
|
||||
|
||||
@pytest.fixture(autouse=True)
|
||||
def reset_auth():
|
||||
"""Reset authentication state before each test."""
|
||||
# Reset auth service state
|
||||
original_hash = auth_service._hash
|
||||
auth_service._hash = None
|
||||
auth_service._failed.clear()
|
||||
yield
|
||||
# Restore
|
||||
auth_service._hash = original_hash
|
||||
auth_service._failed.clear()
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
@@ -49,10 +35,10 @@ class TestFrontendAuthIntegration:
|
||||
async def test_login_returns_access_token(self, client):
|
||||
"""Test login flow and verify JWT token is returned."""
|
||||
# Setup master password first
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
await client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
|
||||
# Login with correct password
|
||||
response = client.post(
|
||||
response = await client.post(
|
||||
"/api/auth/login",
|
||||
json={"password": "StrongP@ss123"}
|
||||
)
|
||||
@@ -67,18 +53,18 @@ class TestFrontendAuthIntegration:
|
||||
# Verify token can be used for authenticated requests
|
||||
token = data["access_token"]
|
||||
headers = {"Authorization": f"Bearer {token}"}
|
||||
response = client.get("/api/auth/status", headers=headers)
|
||||
response = await client.get("/api/auth/status", headers=headers)
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert data["authenticated"] is True
|
||||
|
||||
def test_login_with_wrong_password(self, client):
|
||||
async def test_login_with_wrong_password(self, client):
|
||||
"""Test login with incorrect password."""
|
||||
# Setup master password first
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
await client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
|
||||
# Login with wrong password
|
||||
response = client.post(
|
||||
response = await client.post(
|
||||
"/api/auth/login",
|
||||
json={"password": "WrongPassword"}
|
||||
)
|
||||
@@ -86,11 +72,11 @@ class TestFrontendAuthIntegration:
|
||||
data = response.json()
|
||||
assert "detail" in data
|
||||
|
||||
def test_logout_clears_session(self, client):
|
||||
async def test_logout_clears_session(self, client):
|
||||
"""Test logout functionality."""
|
||||
# Setup and login
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
login_response = client.post(
|
||||
await client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
login_response = await client.post(
|
||||
"/api/auth/login",
|
||||
json={"password": "StrongP@ss123"}
|
||||
)
|
||||
@@ -98,43 +84,49 @@ class TestFrontendAuthIntegration:
|
||||
headers = {"Authorization": f"Bearer {token}"}
|
||||
|
||||
# Logout
|
||||
response = client.post("/api/auth/logout", headers=headers)
|
||||
response = await client.post("/api/auth/logout", headers=headers)
|
||||
assert response.status_code == 200
|
||||
assert response.json()["status"] == "ok"
|
||||
|
||||
def test_authenticated_request_without_token_returns_401(self, client):
|
||||
async def test_authenticated_request_without_token_returns_401(self, client):
|
||||
"""Test that authenticated endpoints reject requests without tokens."""
|
||||
# Setup master password
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
await client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
|
||||
# Try to access authenticated endpoint without token
|
||||
response = client.get("/api/v1/anime")
|
||||
response = await client.get("/api/v1/anime")
|
||||
assert response.status_code == 401
|
||||
|
||||
def test_authenticated_request_with_invalid_token_returns_401(self, client):
|
||||
async def test_authenticated_request_with_invalid_token_returns_401(
|
||||
self, client
|
||||
):
|
||||
"""Test that authenticated endpoints reject invalid tokens."""
|
||||
# Setup master password
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
await client.post(
|
||||
"/api/auth/setup", json={"master_password": "StrongP@ss123"}
|
||||
)
|
||||
|
||||
# Try to access authenticated endpoint with invalid token
|
||||
headers = {"Authorization": "Bearer invalid_token_here"}
|
||||
response = client.get("/api/v1/anime", headers=headers)
|
||||
response = await client.get("/api/v1/anime", headers=headers)
|
||||
assert response.status_code == 401
|
||||
|
||||
def test_remember_me_extends_token_expiry(self, client):
|
||||
async def test_remember_me_extends_token_expiry(self, client):
|
||||
"""Test that remember_me flag affects token expiry."""
|
||||
# Setup master password
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
await client.post(
|
||||
"/api/auth/setup", json={"master_password": "StrongP@ss123"}
|
||||
)
|
||||
|
||||
# Login without remember me
|
||||
response1 = client.post(
|
||||
response1 = await client.post(
|
||||
"/api/auth/login",
|
||||
json={"password": "StrongP@ss123", "remember": False}
|
||||
)
|
||||
data1 = response1.json()
|
||||
|
||||
# Login with remember me
|
||||
response2 = client.post(
|
||||
response2 = await client.post(
|
||||
"/api/auth/login",
|
||||
json={"password": "StrongP@ss123", "remember": True}
|
||||
)
|
||||
@@ -144,37 +136,41 @@ class TestFrontendAuthIntegration:
|
||||
assert "expires_at" in data1
|
||||
assert "expires_at" in data2
|
||||
|
||||
def test_setup_fails_if_already_configured(self, client):
|
||||
async def test_setup_fails_if_already_configured(self, client):
|
||||
"""Test that setup fails if master password is already set."""
|
||||
# Setup once
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
await client.post(
|
||||
"/api/auth/setup", json={"master_password": "StrongP@ss123"}
|
||||
)
|
||||
|
||||
# Try to setup again
|
||||
response = client.post(
|
||||
response = await client.post(
|
||||
"/api/auth/setup",
|
||||
json={"master_password": "AnotherPassword123!"}
|
||||
)
|
||||
assert response.status_code == 400
|
||||
assert "already configured" in response.json()["detail"].lower()
|
||||
assert (
|
||||
"already configured" in response.json()["detail"].lower()
|
||||
)
|
||||
|
||||
def test_weak_password_validation_in_setup(self, client):
|
||||
async def test_weak_password_validation_in_setup(self, client):
|
||||
"""Test that setup rejects weak passwords."""
|
||||
# Try with short password
|
||||
response = client.post(
|
||||
response = await client.post(
|
||||
"/api/auth/setup",
|
||||
json={"master_password": "short"}
|
||||
)
|
||||
assert response.status_code == 400
|
||||
|
||||
# Try with all lowercase
|
||||
response = client.post(
|
||||
response = await client.post(
|
||||
"/api/auth/setup",
|
||||
json={"master_password": "alllowercase"}
|
||||
)
|
||||
assert response.status_code == 400
|
||||
|
||||
# Try without special characters
|
||||
response = client.post(
|
||||
response = await client.post(
|
||||
"/api/auth/setup",
|
||||
json={"master_password": "NoSpecialChars123"}
|
||||
)
|
||||
@@ -184,17 +180,19 @@ class TestFrontendAuthIntegration:
|
||||
class TestTokenAuthenticationFlow:
|
||||
"""Test JWT token-based authentication workflow."""
|
||||
|
||||
def test_full_authentication_workflow(self, client):
|
||||
async def test_full_authentication_workflow(self, client):
|
||||
"""Test complete authentication workflow with token management."""
|
||||
# 1. Check initial status
|
||||
response = client.get("/api/auth/status")
|
||||
response = await client.get("/api/auth/status")
|
||||
assert not response.json()["configured"]
|
||||
|
||||
# 2. Setup master password
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
await client.post(
|
||||
"/api/auth/setup", json={"master_password": "StrongP@ss123"}
|
||||
)
|
||||
|
||||
# 3. Login and get token
|
||||
response = client.post(
|
||||
response = await client.post(
|
||||
"/api/auth/login",
|
||||
json={"password": "StrongP@ss123"}
|
||||
)
|
||||
@@ -202,18 +200,22 @@ class TestTokenAuthenticationFlow:
|
||||
headers = {"Authorization": f"Bearer {token}"}
|
||||
|
||||
# 4. Access authenticated endpoint
|
||||
response = client.get("/api/auth/status", headers=headers)
|
||||
response = await client.get("/api/auth/status", headers=headers)
|
||||
assert response.json()["authenticated"] is True
|
||||
|
||||
# 5. Logout
|
||||
response = client.post("/api/auth/logout", headers=headers)
|
||||
response = await client.post("/api/auth/logout", headers=headers)
|
||||
assert response.json()["status"] == "ok"
|
||||
|
||||
def test_token_included_in_all_authenticated_requests(self, client):
|
||||
async def test_token_included_in_all_authenticated_requests(
|
||||
self, client
|
||||
):
|
||||
"""Test that token must be included in authenticated API requests."""
|
||||
# Setup and login
|
||||
client.post("/api/auth/setup", json={"master_password": "StrongP@ss123"})
|
||||
response = client.post(
|
||||
await client.post(
|
||||
"/api/auth/setup", json={"master_password": "StrongP@ss123"}
|
||||
)
|
||||
response = await client.post(
|
||||
"/api/auth/login",
|
||||
json={"password": "StrongP@ss123"}
|
||||
)
|
||||
@@ -229,10 +231,14 @@ class TestTokenAuthenticationFlow:
|
||||
|
||||
for endpoint in endpoints:
|
||||
# Without token - should fail
|
||||
response = client.get(endpoint)
|
||||
assert response.status_code == 401, f"Endpoint {endpoint} should require auth"
|
||||
response = await client.get(endpoint)
|
||||
assert response.status_code == 401, (
|
||||
f"Endpoint {endpoint} should require auth"
|
||||
)
|
||||
|
||||
# With token - should work or return expected response
|
||||
response = client.get(endpoint, headers=headers)
|
||||
# Some endpoints may return 503 if services not configured, that's ok
|
||||
assert response.status_code in [200, 503], f"Endpoint {endpoint} failed with token"
|
||||
response = await client.get(endpoint, headers=headers)
|
||||
# Some endpoints may return 503 if services not configured
|
||||
assert response.status_code in [200, 503], (
|
||||
f"Endpoint {endpoint} failed with token"
|
||||
)
|
||||
|
||||
@@ -113,36 +113,32 @@ class TestDatabaseDependency:
|
||||
"""Test cases for database session dependency injection."""
|
||||
|
||||
def test_get_database_session_not_implemented(self):
|
||||
"""Test that database session dependency is not yet implemented."""
|
||||
"""Test that database session dependency is async generator."""
|
||||
import inspect
|
||||
|
||||
# Test that function exists and is an async generator function
|
||||
assert inspect.isfunction(get_database_session)
|
||||
assert inspect.iscoroutinefunction(get_database_session)
|
||||
|
||||
# Since it immediately raises an exception,
|
||||
# we can't test the actual async behavior easily
|
||||
assert inspect.isasyncgenfunction(get_database_session)
|
||||
|
||||
|
||||
class TestAuthenticationDependencies:
|
||||
"""Test cases for authentication dependency injection."""
|
||||
|
||||
def test_get_current_user_not_implemented(self):
|
||||
"""Test that current user dependency is not yet implemented."""
|
||||
"""Test that current user dependency rejects invalid tokens."""
|
||||
# Arrange
|
||||
credentials = HTTPAuthorizationCredentials(
|
||||
scheme="Bearer",
|
||||
credentials="test-token"
|
||||
credentials="invalid-token"
|
||||
)
|
||||
|
||||
# Act & Assert
|
||||
with pytest.raises(HTTPException) as exc_info:
|
||||
get_current_user(credentials)
|
||||
|
||||
# Should raise 401 for invalid token
|
||||
assert (exc_info.value.status_code ==
|
||||
status.HTTP_501_NOT_IMPLEMENTED)
|
||||
assert ("Authentication functionality not yet implemented" in
|
||||
str(exc_info.value.detail))
|
||||
status.HTTP_401_UNAUTHORIZED)
|
||||
|
||||
def test_require_auth_with_user(self):
|
||||
"""Test require_auth dependency with authenticated user."""
|
||||
|
||||
Reference in New Issue
Block a user