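import pytest
from httpx import AsyncClient

from app.models.user import User


class TestRegister:
    """Tests for user registration endpoint."""

    async def test_register_success(self, client: AsyncClient):
        """Test successful user registration.

        Besides the echoed profile fields, the response must not carry the
        submitted password or a stored hash.
        """
        response = await client.post(
            "/api/auth/register",
            json={
                "email": "newuser@example.com",
                "username": "newuser",
                "password": "securepassword123",
            },
        )
        assert response.status_code == 201
        data = response.json()
        assert data["email"] == "newuser@example.com"
        assert data["username"] == "newuser"
        # The request supplies no role; the account is expected to come back
        # as "participant".
        # NOTE(review): the tests visible here do not cover a request that
        # supplies its own role value.
        assert data["role"] == "participant"
        # Credential material must never be serialized back to the client.
        assert "password" not in data
        assert "password_hash" not in data

    async def test_register_duplicate_email(self, client: AsyncClient, test_user: User):
        """Test registration with already existing email."""
        response = await client.post(
            "/api/auth/register",
            json={
                "email": test_user.email,
                "username": "anotheruser",
                "password": "password123",
            },
        )
        assert response.status_code == 400
        # NOTE(review): this message confirms to the caller that the address
        # already has an account; confirm that is acceptable for this API.
        assert "already registered" in response.json()["detail"].lower()

    async def test_register_invalid_email(self, client: AsyncClient):
        """Test registration with invalid email format."""
        response = await client.post(
            "/api/auth/register",
            json={
                "email": "not-an-email",
                "username": "testuser",
                "password": "password123",
            },
        )
        assert response.status_code == 422

    async def test_register_short_password(self, client: AsyncClient):
        """Test registration with too short password.

        The outcome is not pinned: the test passes whether the API rejects
        the three-character password (422) or accepts it (201).
        """
        response = await client.post(
            "/api/auth/register",
            json={
                "email": "user@example.com",
                "username": "testuser",
                "password": "123",
            },
        )
        # Depending on validation, this might be 422 or succeed
        # If no password length validation, it will succeed
        # NOTE(review): as written this cannot detect a missing or regressed
        # minimum-length rule; once the intended policy is confirmed, assert
        # the single expected status instead of either one.
        assert response.status_code in [201, 422]
        if response.status_code == 201:
            # Even when the weak password is accepted, the response must not
            # echo credential material (same rule as test_register_success).
            data = response.json()
            assert "password" not in data
            assert "password_hash" not in data


class TestLogin:
    """Tests for user login endpoint."""

    async def test_login_success(self, client: AsyncClient, test_user: User):
        """Test successful login.

        The credentials are sent form-encoded, with the e-mail address in the
        ``username`` field.
        """
        response = await client.post(
            "/api/auth/login",
            data={
                "username": test_user.email,
                # presumably the password the test_user fixture was created
                # with; verify against the fixture
                "password": "testpassword",
            },
        )
        assert response.status_code == 200
        data = response.json()
        assert "access_token" in data
        assert data["token_type"] == "bearer"

    async def test_login_wrong_password(self, client: AsyncClient, test_user: User):
        """Test login with incorrect password."""
        response = await client.post(
            "/api/auth/login",
            data={
                "username": test_user.email,
                "password": "wrongpassword",
            },
        )
        assert response.status_code == 401

    async def test_login_nonexistent_user(self, client: AsyncClient):
        """Test login with non-existent user."""
        response = await client.post(
            "/api/auth/login",
            data={
                "username": "nonexistent@example.com",
                "password": "password123",
            },
        )
        # Same status as the wrong-password case, so the status code alone
        # does not reveal whether an account exists. The response bodies of
        # the two cases are not compared here.
        assert response.status_code == 401


class TestGetMe:
    """Tests for getting current user endpoint."""

    async def test_get_me_authenticated(
        self, client: AsyncClient, test_user: User, auth_headers: dict
    ):
        """Test getting current user when authenticated."""
        response = await client.get("/api/auth/me", headers=auth_headers)
        assert response.status_code == 200
        data = response.json()
        assert data["email"] == test_user.email
        assert data["username"] == test_user.username
        assert data["role"] == test_user.role

    async def test_get_me_unauthenticated(self, client: AsyncClient):
        """Test getting current user without authentication."""
        # No Authorization header is sent at all.
        response = await client.get("/api/auth/me")
        assert response.status_code == 401

    async def test_get_me_invalid_token(self, client: AsyncClient):
        """Test getting current user with invalid token."""
        # NOTE(review): only an arbitrary bearer string is tried in the tests
        # visible here; expired or altered tokens are not covered.
        response = await client.get(
            "/api/auth/me",
            headers={"Authorization": "Bearer invalid_token"},
        )
        assert response.status_code == 401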