AIRegulation-DocAnalysis/tests/test_auth_routes.py

"""Integration tests for the auth routes.

Uses FastAPI TestClient with a mocked user store.
Does not require a running PostgreSQL.
"""

import pytest
from fastapi.testclient import TestClient
from unittest.mock import MagicMock, patch

from app.infrastructure.auth.user_store import UserRecord


@pytest.fixture
def client():
    """Return a TestClient with a mocked user store."""
    mock_store = MagicMock()
    alice = UserRecord(id="uuid-1", username="alice", hashed_pw="hashed", role="admin", is_active=True)
    mock_store.authenticate.side_effect = lambda u, p: alice if (u == "alice" and p == "correct") else None

    with patch("app.shared.bootstrap.get_user_store", return_value=mock_store):
        # Import after patch so the mock is active when routes import bootstrap.
        from app.api.main import app
        with TestClient(app, raise_server_exceptions=False) as c:
            yield c


def test_login_returns_token_for_valid_credentials(client):
    """POST /auth/token must return an access_token for valid credentials."""
    resp = client.post("/api/v1/auth/token", data={"username": "alice", "password": "correct"})
    assert resp.status_code == 200
    body = resp.json()
    assert "access_token" in body
    assert body["token_type"] == "bearer"


def test_login_returns_401_for_wrong_password(client):
    """POST /auth/token must return 401 for wrong password."""
    resp = client.post("/api/v1/auth/token", data={"username": "alice", "password": "wrong"})
    assert resp.status_code == 401


def test_me_returns_user_when_authenticated(client):
    """GET /auth/me must return user identity when a valid token is provided."""
    login_resp = client.post("/api/v1/auth/token", data={"username": "alice", "password": "correct"})
    assert login_resp.status_code == 200, login_resp.text
    token = login_resp.json()["access_token"]

    me_resp = client.get("/api/v1/auth/me", headers={"Authorization": f"Bearer {token}"})
    assert me_resp.status_code == 200
    assert me_resp.json()["username"] == "alice"
    assert me_resp.json()["role"] == "admin"


def test_me_returns_401_without_token(client):
    """GET /auth/me must return 401 when no token is provided."""
    resp = client.get("/api/v1/auth/me")
    assert resp.status_code == 401
1. Add 登陆功能 2. 调整字体大小 3. 新增部分功能 2026-06-05 18:00:31 +08:00			`"""Integration tests for the auth routes.`

			`Uses FastAPI TestClient with a mocked user store.`
			`Does not require a running PostgreSQL.`
			`"""`

			`import pytest`
			`from fastapi.testclient import TestClient`
			`from unittest.mock import MagicMock, patch`

			`from app.infrastructure.auth.user_store import UserRecord`


			`@pytest.fixture`
			`def client():`
			`"""Return a TestClient with a mocked user store."""`
			`mock_store = MagicMock()`
			`alice = UserRecord(id="uuid-1", username="alice", hashed_pw="hashed", role="admin", is_active=True)`
			`mock_store.authenticate.side_effect = lambda u, p: alice if (u == "alice" and p == "correct") else None`

			`with patch("app.shared.bootstrap.get_user_store", return_value=mock_store):`
			`# Import after patch so the mock is active when routes import bootstrap.`
			`from app.api.main import app`
			`with TestClient(app, raise_server_exceptions=False) as c:`
			`yield c`


			`def test_login_returns_token_for_valid_credentials(client):`
			`"""POST /auth/token must return an access_token for valid credentials."""`
			`resp = client.post("/api/v1/auth/token", data={"username": "alice", "password": "correct"})`
			`assert resp.status_code == 200`
			`body = resp.json()`
			`assert "access_token" in body`
			`assert body["token_type"] == "bearer"`


			`def test_login_returns_401_for_wrong_password(client):`
			`"""POST /auth/token must return 401 for wrong password."""`
			`resp = client.post("/api/v1/auth/token", data={"username": "alice", "password": "wrong"})`
			`assert resp.status_code == 401`


			`def test_me_returns_user_when_authenticated(client):`
			`"""GET /auth/me must return user identity when a valid token is provided."""`
			`login_resp = client.post("/api/v1/auth/token", data={"username": "alice", "password": "correct"})`
			`assert login_resp.status_code == 200, login_resp.text`
			`token = login_resp.json()["access_token"]`

			`me_resp = client.get("/api/v1/auth/me", headers={"Authorization": f"Bearer {token}"})`
			`assert me_resp.status_code == 200`
			`assert me_resp.json()["username"] == "alice"`
			`assert me_resp.json()["role"] == "admin"`


			`def test_me_returns_401_without_token(client):`
			`"""GET /auth/me must return 401 when no token is provided."""`
			`resp = client.get("/api/v1/auth/me")`
			`assert resp.status_code == 401`