first round of review
This commit is contained in:
parent
7ebfb7a2dd
commit
da5a0d03eb
GPG key ID:
883EDBAA726BD96C
14 changed files with 362 additions and 244 deletions
|
|
@ -1,128 +1,149 @@
|
|||
import pytest
|
||||
import uuid
|
||||
|
||||
from auth import COOKIE_NAME
|
||||
|
||||
|
||||
def unique_email(prefix: str = "counter") -> str:
|
||||
"""Generate a unique email for tests sharing the same database."""
|
||||
return f"{prefix}-{uuid.uuid4().hex[:8]}@example.com"
|
||||
|
||||
|
||||
async def create_user_and_get_headers(client, email: str = None) -> dict:
|
||||
"""Create a user and return auth headers for authenticated requests."""
|
||||
if email is None:
|
||||
email = unique_email()
|
||||
response = await client.post(
|
||||
"/api/auth/register",
|
||||
json={"email": email, "password": "testpass123"},
|
||||
)
|
||||
token = response.json()["access_token"]
|
||||
return {"Authorization": f"Bearer {token}"}
|
||||
|
||||
|
||||
# Protected endpoint tests - without auth
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_counter_requires_auth(client):
|
||||
response = await client.get("/api/counter")
|
||||
assert response.status_code in [401, 403]
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_increment_counter_requires_auth(client):
|
||||
response = await client.post("/api/counter/increment")
|
||||
assert response.status_code in [401, 403]
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_counter_invalid_token(client):
|
||||
response = await client.get(
|
||||
"/api/counter",
|
||||
headers={"Authorization": "Bearer invalidtoken"},
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_increment_counter_invalid_token(client):
|
||||
response = await client.post(
|
||||
"/api/counter/increment",
|
||||
headers={"Authorization": "Bearer invalidtoken"},
|
||||
)
|
||||
async def test_get_counter_invalid_cookie(client_factory):
|
||||
async with client_factory.create(cookies={COOKIE_NAME: "invalidtoken"}) as authed:
|
||||
response = await authed.get("/api/counter")
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_increment_counter_invalid_cookie(client_factory):
|
||||
async with client_factory.create(cookies={COOKIE_NAME: "invalidtoken"}) as authed:
|
||||
response = await authed.post("/api/counter/increment")
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
# Authenticated counter tests
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_counter_authenticated(client):
|
||||
auth_headers = await create_user_and_get_headers(client)
|
||||
response = await client.get("/api/counter", headers=auth_headers)
|
||||
async def test_get_counter_authenticated(client_factory):
|
||||
reg = await client_factory.post(
|
||||
"/api/auth/register",
|
||||
json={"email": unique_email(), "password": "testpass123"},
|
||||
)
|
||||
cookies = dict(reg.cookies)
|
||||
|
||||
async with client_factory.create(cookies=cookies) as authed:
|
||||
response = await authed.get("/api/counter")
|
||||
|
||||
assert response.status_code == 200
|
||||
assert "value" in response.json()
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_increment_counter(client):
|
||||
auth_headers = await create_user_and_get_headers(client)
|
||||
async def test_increment_counter(client_factory):
|
||||
reg = await client_factory.post(
|
||||
"/api/auth/register",
|
||||
json={"email": unique_email(), "password": "testpass123"},
|
||||
)
|
||||
cookies = dict(reg.cookies)
|
||||
|
||||
# Get current value
|
||||
before = await client.get("/api/counter", headers=auth_headers)
|
||||
before_value = before.json()["value"]
|
||||
|
||||
# Increment
|
||||
response = await client.post("/api/counter/increment", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
assert response.json()["value"] == before_value + 1
|
||||
async with client_factory.create(cookies=cookies) as authed:
|
||||
# Get current value
|
||||
before = await authed.get("/api/counter")
|
||||
before_value = before.json()["value"]
|
||||
|
||||
# Increment
|
||||
response = await authed.post("/api/counter/increment")
|
||||
assert response.status_code == 200
|
||||
assert response.json()["value"] == before_value + 1
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_increment_counter_multiple(client):
|
||||
auth_headers = await create_user_and_get_headers(client)
|
||||
async def test_increment_counter_multiple(client_factory):
|
||||
reg = await client_factory.post(
|
||||
"/api/auth/register",
|
||||
json={"email": unique_email(), "password": "testpass123"},
|
||||
)
|
||||
cookies = dict(reg.cookies)
|
||||
|
||||
# Get starting value
|
||||
before = await client.get("/api/counter", headers=auth_headers)
|
||||
start = before.json()["value"]
|
||||
|
||||
# Increment 3 times
|
||||
await client.post("/api/counter/increment", headers=auth_headers)
|
||||
await client.post("/api/counter/increment", headers=auth_headers)
|
||||
response = await client.post("/api/counter/increment", headers=auth_headers)
|
||||
|
||||
assert response.json()["value"] == start + 3
|
||||
async with client_factory.create(cookies=cookies) as authed:
|
||||
# Get starting value
|
||||
before = await authed.get("/api/counter")
|
||||
start = before.json()["value"]
|
||||
|
||||
# Increment 3 times
|
||||
await authed.post("/api/counter/increment")
|
||||
await authed.post("/api/counter/increment")
|
||||
response = await authed.post("/api/counter/increment")
|
||||
|
||||
assert response.json()["value"] == start + 3
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_get_counter_after_increment(client):
|
||||
auth_headers = await create_user_and_get_headers(client)
|
||||
async def test_get_counter_after_increment(client_factory):
|
||||
reg = await client_factory.post(
|
||||
"/api/auth/register",
|
||||
json={"email": unique_email(), "password": "testpass123"},
|
||||
)
|
||||
cookies = dict(reg.cookies)
|
||||
|
||||
before = await client.get("/api/counter", headers=auth_headers)
|
||||
start = before.json()["value"]
|
||||
|
||||
await client.post("/api/counter/increment", headers=auth_headers)
|
||||
await client.post("/api/counter/increment", headers=auth_headers)
|
||||
|
||||
response = await client.get("/api/counter", headers=auth_headers)
|
||||
assert response.json()["value"] == start + 2
|
||||
async with client_factory.create(cookies=cookies) as authed:
|
||||
before = await authed.get("/api/counter")
|
||||
start = before.json()["value"]
|
||||
|
||||
await authed.post("/api/counter/increment")
|
||||
await authed.post("/api/counter/increment")
|
||||
|
||||
response = await authed.get("/api/counter")
|
||||
assert response.json()["value"] == start + 2
|
||||
|
||||
|
||||
# Counter is shared between users
|
||||
@pytest.mark.asyncio
|
||||
async def test_counter_shared_between_users(client):
|
||||
headers1 = await create_user_and_get_headers(client, unique_email("share1"))
|
||||
async def test_counter_shared_between_users(client_factory):
|
||||
# Create first user
|
||||
reg1 = await client_factory.post(
|
||||
"/api/auth/register",
|
||||
json={"email": unique_email("share1"), "password": "testpass123"},
|
||||
)
|
||||
cookies1 = dict(reg1.cookies)
|
||||
|
||||
# Get starting value
|
||||
before = await client.get("/api/counter", headers=headers1)
|
||||
start = before.json()["value"]
|
||||
async with client_factory.create(cookies=cookies1) as user1:
|
||||
# Get starting value
|
||||
before = await user1.get("/api/counter")
|
||||
start = before.json()["value"]
|
||||
|
||||
await user1.post("/api/counter/increment")
|
||||
await user1.post("/api/counter/increment")
|
||||
|
||||
await client.post("/api/counter/increment", headers=headers1)
|
||||
await client.post("/api/counter/increment", headers=headers1)
|
||||
# Create second user - should see the increments
|
||||
reg2 = await client_factory.post(
|
||||
"/api/auth/register",
|
||||
json={"email": unique_email("share2"), "password": "testpass123"},
|
||||
)
|
||||
cookies2 = dict(reg2.cookies)
|
||||
|
||||
# Second user sees the increments
|
||||
headers2 = await create_user_and_get_headers(client, unique_email("share2"))
|
||||
response = await client.get("/api/counter", headers=headers2)
|
||||
assert response.json()["value"] == start + 2
|
||||
|
||||
# Second user increments
|
||||
await client.post("/api/counter/increment", headers=headers2)
|
||||
async with client_factory.create(cookies=cookies2) as user2:
|
||||
response = await user2.get("/api/counter")
|
||||
assert response.json()["value"] == start + 2
|
||||
|
||||
# Second user increments
|
||||
await user2.post("/api/counter/increment")
|
||||
|
||||
# First user sees the increment
|
||||
response = await client.get("/api/counter", headers=headers1)
|
||||
assert response.json()["value"] == start + 3
|
||||
async with client_factory.create(cookies=cookies1) as user1:
|
||||
response = await user1.get("/api/counter")
|
||||
assert response.json()["value"] == start + 3
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue