Use shared SESSION_COOKIE_NAME in auth router tests
This commit is contained in:
@@ -8,6 +8,8 @@ from unittest.mock import patch
|
|||||||
import pytest
|
import pytest
|
||||||
from httpx import AsyncClient
|
from httpx import AsyncClient
|
||||||
|
|
||||||
|
from app.utils.constants import SESSION_COOKIE_NAME
|
||||||
|
|
||||||
# ---------------------------------------------------------------------------
|
# ---------------------------------------------------------------------------
|
||||||
# Helpers
|
# Helpers
|
||||||
# ---------------------------------------------------------------------------
|
# ---------------------------------------------------------------------------
|
||||||
@@ -64,8 +66,8 @@ class TestLogin:
|
|||||||
"/api/auth/login", json={"password": "mysecretpass1"}
|
"/api/auth/login", json={"password": "mysecretpass1"}
|
||||||
)
|
)
|
||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
assert "bangui_session" in response.cookies
|
assert SESSION_COOKIE_NAME in response.cookies
|
||||||
assert "." in response.cookies["bangui_session"]
|
assert "." in response.cookies[SESSION_COOKIE_NAME]
|
||||||
set_cookie = response.headers.get("set-cookie", "")
|
set_cookie = response.headers.get("set-cookie", "")
|
||||||
assert "HttpOnly" in set_cookie
|
assert "HttpOnly" in set_cookie
|
||||||
assert "SameSite=lax" in set_cookie
|
assert "SameSite=lax" in set_cookie
|
||||||
@@ -124,7 +126,7 @@ class TestLogout:
|
|||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
# Cookie should be set to empty / deleted in the Set-Cookie header.
|
# Cookie should be set to empty / deleted in the Set-Cookie header.
|
||||||
set_cookie = response.headers.get("set-cookie", "")
|
set_cookie = response.headers.get("set-cookie", "")
|
||||||
assert "bangui_session" in set_cookie
|
assert SESSION_COOKIE_NAME in set_cookie
|
||||||
|
|
||||||
async def test_logout_is_idempotent(self, client: AsyncClient) -> None:
|
async def test_logout_is_idempotent(self, client: AsyncClient) -> None:
|
||||||
"""Logout succeeds even when called without a session token."""
|
"""Logout succeeds even when called without a session token."""
|
||||||
|
|||||||
@@ -18,6 +18,7 @@ from app.dependencies import get_auth_service, get_jail_service
|
|||||||
from app.main import create_app
|
from app.main import create_app
|
||||||
from app.models.auth import Session
|
from app.models.auth import Session
|
||||||
from app.models.jail import JailListResponse
|
from app.models.jail import JailListResponse
|
||||||
|
from app.utils.constants import SESSION_COOKIE_NAME
|
||||||
from app.utils.setup_state import set_setup_complete_cache
|
from app.utils.setup_state import set_setup_complete_cache
|
||||||
|
|
||||||
|
|
||||||
@@ -149,7 +150,7 @@ async def test_auth_login_uses_injected_auth_service(tmp_path: Path) -> None:
|
|||||||
|
|
||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
assert response.json()["token"].startswith("fake-token")
|
assert response.json()["token"].startswith("fake-token")
|
||||||
assert response.cookies.get("bangui_session") is not None
|
assert response.cookies.get(SESSION_COOKIE_NAME) is not None
|
||||||
|
|
||||||
|
|
||||||
async def test_jail_list_uses_injected_jail_service_and_auth(tmp_path: Path) -> None:
|
async def test_jail_list_uses_injected_jail_service_and_auth(tmp_path: Path) -> None:
|
||||||
@@ -180,7 +181,7 @@ async def test_jail_list_uses_injected_jail_service_and_auth(tmp_path: Path) ->
|
|||||||
) as client:
|
) as client:
|
||||||
response = await client.get(
|
response = await client.get(
|
||||||
"/api/jails",
|
"/api/jails",
|
||||||
headers={"Cookie": "bangui_session=fake-token"},
|
headers={"Cookie": f"{SESSION_COOKIE_NAME}=fake-token"},
|
||||||
)
|
)
|
||||||
|
|
||||||
await db.close()
|
await db.close()
|
||||||
|
|||||||
Reference in New Issue
Block a user