orion/tests/integration/api/v1/test_authentication_endpoints.py

# tests/integration/api/v1/test_authentication_endpoints.py
import pytest
from fastapi import HTTPException


class TestAuthenticationAPI:
    def test_register_user_success(self, client, db):
        """Test successful user registration"""
        response = client.post(
            "/api/v1/auth/register",
            json={
                "email": "newuser@example.com",
                "username": "newuser",
                "password": "securepass123",
            },
        )

        assert response.status_code == 200
        data = response.json()
        assert data["email"] == "newuser@example.com"
        assert data["username"] == "newuser"
        assert data["role"] == "user"
        assert data["is_active"] is True
        assert "hashed_password" not in data

    def test_register_user_duplicate_email(self, client, test_user):
        """Test registration with duplicate email"""
        response = client.post(
            "/api/v1/auth/register",
            json={
                "email": test_user.email,  # Same as test_user
                "username": "newuser",
                "password": "securepass123",
            },
        )

        assert response.status_code == 409  # Changed from 400 to 409
        data = response.json()
        assert data["error_code"] == "USER_ALREADY_EXISTS"
        assert "Email already exists" in data["message"]
        assert data["field"] == "email"

    def test_register_user_duplicate_username(self, client, test_user):
        """Test registration with duplicate username"""
        response = client.post(
            "/api/v1/auth/register",
            json={
                "email": "new@example.com",
                "username": test_user.username,  # Same as test_user
                "password": "securepass123",
            },
        )

        assert response.status_code == 409  # Changed from 400 to 409
        data = response.json()
        assert data["error_code"] == "USER_ALREADY_EXISTS"
        assert "Username already taken" in data["message"]
        assert data["field"] == "username"

    def test_login_success(self, client, test_user):
        """Test successful login"""
        response = client.post(
            "/api/v1/auth/login",
            json={"username": test_user.username, "password": "testpass123"},
        )

        assert response.status_code == 200
        data = response.json()
        assert "access_token" in data
        assert data["token_type"] == "bearer"
        assert "expires_in" in data
        assert data["user"]["username"] == test_user.username

    def test_login_wrong_password(self, client, test_user):
        """Test login with wrong password"""
        response = client.post(
            "/api/v1/auth/login",
            json={"username": "testuser", "password": "wrongpassword"},
        )

        assert response.status_code == 401
        data = response.json()
        assert data["error_code"] == "INVALID_CREDENTIALS"
        assert "Invalid username or password" in data["message"]

    def test_login_nonexistent_user(self, client, db):
        """Test login with nonexistent user"""
        response = client.post(
            "/api/v1/auth/login",
            json={"username": "nonexistent", "password": "password123"},
        )

        assert response.status_code == 401
        data = response.json()
        assert data["error_code"] == "INVALID_CREDENTIALS"

    def test_login_inactive_user(self, client, db, test_user):
        """Test login with inactive user account"""
        # Manually deactivate the user for this test
        test_user.is_active = False
        db.commit()

        response = client.post(
            "/api/v1/auth/login",
            json={"username": test_user.username, "password": "testpass123"},
        )

        assert response.status_code == 403
        data = response.json()
        assert data["error_code"] == "USER_NOT_ACTIVE"
        assert "User account is not active" in data["message"]

        # Reactivate for other tests
        test_user.is_active = True
        db.commit()

    def test_get_current_user_info(self, client, auth_headers, test_user):
        """Test getting current user info"""
        response = client.get("/api/v1/auth/me", headers=auth_headers)

        assert response.status_code == 200
        data = response.json()
        assert data["username"] == test_user.username
        assert data["email"] == test_user.email

    def test_get_current_user_without_auth(self, client):
        """Test getting current user without authentication"""
        response = client.get("/api/v1/auth/me")

        assert response.status_code == 401  # No authorization header


class TestAuthManager:
    def test_hash_password(self, auth_manager):
        """Test password hashing"""
        password = "testpassword123"
        hashed = auth_manager.hash_password(password)

        assert hashed != password
        assert len(hashed) > 20  # bcrypt hashes are long

    def test_verify_password(self, auth_manager):
        """Test password verification"""
        password = "testpassword123"
        hashed = auth_manager.hash_password(password)

        assert auth_manager.verify_password(password, hashed) is True
        assert auth_manager.verify_password("wrongpassword", hashed) is False

    def test_create_access_token(self, auth_manager, test_user):
        """Test JWT token creation"""
        token_data = auth_manager.create_access_token(test_user)

        assert "access_token" in token_data
        assert token_data["token_type"] == "bearer"
        assert "expires_in" in token_data
        assert isinstance(token_data["expires_in"], int)