import hashlib
import pytest
# Skip this whole module at collection time when an optional dependency is
# missing. "flask" is checked before "jwt", as in the original ordering.
# NOTE(review): a skip here silently drops every /api/auth/me check in this
# file, so CI should surface skipped modules rather than treat them as passes.
for _optional_dep in ("flask", "jwt"):
    pytest.importorskip(_optional_dep)
def _login(client) -> dict:
    """Authenticate as ``admin`` via ``/api/auth/login`` and return the JSON body.

    The request carries the hex SHA-512 digest of the password in the
    ``password_sha512`` field instead of the plaintext. The helper asserts a
    200 status and a dict-shaped JSON body before handing the body back.
    """
    # NOTE(review): the endpoint accepts the digest as the credential, so the
    # digest is presumably password-equivalent on the wire; confirm the server
    # applies its own salted hashing and that transport is protected.
    # NOTE(review): "admin" / "Password" looks like an account seeded by the
    # test fixture -- verify it is not a default that ships in deployments.
    password_digest = hashlib.sha512("Password".encode()).hexdigest()
    response = client.post(
        "/api/auth/login",
        json={
            "username": "admin",
            "password_sha512": password_digest,
        },
    )
    assert response.status_code == 200

    login_body = response.get_json()
    assert isinstance(login_body, dict)
    return login_body
def test_auth_me_returns_session_user(prepared_app):
    """``/api/auth/me`` describes the logged-in user for the client that logged in.

    The same test client performs the login and the follow-up request, so
    whatever state the login response set on that client is reused.
    """
    expected_identity = {
        "username": "admin",
        "display_name": "Administrator",
        "role": "Admin",
    }
    session_client = prepared_app.test_client()
    _login(session_client)

    me_response = session_client.get("/api/auth/me")
    assert me_response.status_code == 200
    # Exact equality: any extra field in the response (for example a stored
    # credential or internal id) makes this assertion fail.
    assert me_response.get_json() == expected_identity
def test_auth_me_uses_token_when_session_missing(prepared_app):
    """``/api/auth/me`` accepts the ``borealis_auth`` cookie on a fresh client.

    The token is read from the login response body and replayed as a cookie
    by a second client that never logged in itself.
    """
    # NOTE(review): only the accept path is covered here; this test does not
    # check that a tampered, expired or foreign-signed token is rejected.
    # NOTE(review): the token is returned in the JSON body; whether the server
    # also sets it as an HttpOnly/Secure cookie is not asserted in this test.
    issued_token = _login(prepared_app.test_client()).get("token")
    assert issued_token

    # Fresh client: it shares no cookies with the client that logged in.
    # NOTE(review): the (key, value) positional form presumably targets
    # Werkzeug >= 2.3, where set_cookie no longer takes server_name first.
    cookie_only_client = prepared_app.test_client()
    cookie_only_client.set_cookie("borealis_auth", issued_token)

    me_response = cookie_only_client.get("/api/auth/me")
    assert me_response.status_code == 200

    expected_identity = {
        "username": "admin",
        "display_name": "Administrator",
        "role": "Admin",
    }
    assert me_response.get_json() == expected_identity
def test_auth_me_requires_authentication(prepared_app):
    """An unauthenticated request to ``/api/auth/me`` gets 401 and an error body.

    The client never logs in and sets no cookie before the request.
    """
    anonymous_client = prepared_app.test_client()

    me_response = anonymous_client.get("/api/auth/me")
    assert me_response.status_code == 401
    # Exact equality pins the error body to a single generic code, so extra
    # detail added to the unauthenticated response would fail this test.
    assert me_response.get_json() == {"error": "not_authenticated"}