# Test complete authentication flow

# Step 1: Login
Write-Host "=== Testing Login ==="
$loginResponse = Invoke-WebRequest -Uri "http://127.0.0.1:8000/auth/login" -Method POST -ContentType "application/json" -Body '{"password": "admin123"}'
$loginData = $loginResponse.Content | ConvertFrom-Json
$token = $loginData.token
Write-Host "Login successful. Token received: $($token.Substring(0,20))..."

# Step 2: Verify token
Write-Host "`n=== Testing Token Verification ==="
$headers = @{ "Authorization" = "Bearer $token" }
$verifyResponse = Invoke-WebRequest -Uri "http://127.0.0.1:8000/auth/verify" -Headers $headers
Write-Host "Token verification response: $($verifyResponse.Content)"

# Step 3: Test protected endpoint
Write-Host "`n=== Testing Protected Endpoint ==="
$authStatusResponse = Invoke-WebRequest -Uri "http://127.0.0.1:8000/api/auth/status" -Headers $headers
Write-Host "Auth status response: $($authStatusResponse.Content)"

# Step 4: Logout
Write-Host "`n=== Testing Logout ==="
$logoutResponse = Invoke-WebRequest -Uri "http://127.0.0.1:8000/auth/logout" -Method POST -Headers $headers
Write-Host "Logout response: $($logoutResponse.Content)"

# Step 5: Test expired/invalid token
Write-Host "`n=== Testing Invalid Token ==="
try {
    $invalidResponse = Invoke-WebRequest -Uri "http://127.0.0.1:8000/auth/verify" -Headers @{ "Authorization" = "Bearer invalid_token" }
    Write-Host "Invalid token response: $($invalidResponse.Content)"
} catch {
    Write-Host "Invalid token correctly rejected: $($_.Exception.Message)"
}

Write-Host "`n=== Authentication Flow Test Complete ==="