Working on API

tests/api/test_auth_routes.py

@@ -0,0 +1,139 @@
+from unittest.mock import MagicMock
+
+import pytest
+from fastapi import status, HTTPException
+from fastapi.testclient import TestClient
+
+from app.main import app  # Assuming you have FastAPI app defined in app/main.py
+from app.models.auth import UserRole
+from app.models.types import PyObjectId
+from app.models.user import UserInDB
+from app.services.auth_service import AuthService
+from app.services.user_service import UserService
+
+
+@pytest.fixture
+def client():
+  return TestClient(app)
+
+
+@pytest.fixture
+def fake_user():
+  return UserInDB(
+    _id=PyObjectId(),
+    username="testuser",
+    email="test@example.com",
+    role=UserRole.USER,
+    is_active=True,
+    hashed_password="hashed-secret",
+    created_at="2023-01-01T00:00:00",
+    updated_at="2023-01-01T00:00:00",
+  )
+
+
+def override_auth_service():
+  mock = MagicMock(spec=AuthService)
+  mock.verify_user_password.return_value = True
+  mock.create_access_token.return_value = "fake-jwt-token"
+  return mock
+
+
+def override_user_service(fake_user):
+  mock = MagicMock(spec=UserService)
+  mock.get_user_by_username.return_value = fake_user
+  return mock
+
+
+def override_get_current_user(fake_user):
+  def _override():
+    return fake_user
+  
+  return _override
+
+
+# ---------------------- TESTS FOR /auth/login ----------------------
+class TestLogin:
+  def test_i_can_login_with_valid_credentials(self, client, fake_user, monkeypatch):
+    auth_service = override_auth_service()
+    user_service = override_user_service(fake_user)
+    
+    monkeypatch.setattr("app.api.routes.auth.get_auth_service", lambda: auth_service)
+    monkeypatch.setattr("app.api.routes.auth.get_user_service", lambda: user_service)
+    
+    response = client.post(
+      "/auth/login",
+      data={"username": "testuser", "password": "secret"},
+    )
+    
+    assert response.status_code == status.HTTP_200_OK
+    data = response.json()
+    assert "access_token" in data
+    assert data["user"]["username"] == "testuser"
+  
+  def test_i_cannot_login_with_invalid_username(self, client, monkeypatch):
+    auth_service = override_auth_service()
+    user_service = MagicMock(spec=UserService)
+    user_service.get_user_by_username.return_value = None
+    
+    monkeypatch.setattr("app.api.routes.auth.get_auth_service", lambda: auth_service)
+    monkeypatch.setattr("app.api.routes.auth.get_user_service", lambda: user_service)
+    
+    response = client.post(
+      "/auth/login",
+      data={"username": "unknown", "password": "secret"},
+    )
+    
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+  
+  def test_i_cannot_login_with_inactive_user(self, client, fake_user, monkeypatch):
+    fake_user.is_active = False
+    auth_service = override_auth_service()
+    user_service = override_user_service(fake_user)
+    
+    monkeypatch.setattr("app.api.routes.auth.get_auth_service", lambda: auth_service)
+    monkeypatch.setattr("app.api.routes.auth.get_user_service", lambda: user_service)
+    
+    response = client.post(
+      "/auth/login",
+      data={"username": "testuser", "password": "secret"},
+    )
+    
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+  
+  def test_i_cannot_login_with_wrong_password(self, client, fake_user, monkeypatch):
+    auth_service = override_auth_service()
+    auth_service.verify_user_password.return_value = False
+    user_service = override_user_service(fake_user)
+    
+    monkeypatch.setattr("app.api.routes.auth.get_auth_service", lambda: auth_service)
+    monkeypatch.setattr("app.api.routes.auth.get_user_service", lambda: user_service)
+    
+    response = client.post(
+      "/auth/login",
+      data={"username": "testuser", "password": "wrong"},
+    )
+    
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+
+
+# ---------------------- TESTS FOR /auth/me ----------------------
+class TesteMe:
+  def test_i_can_get_current_user_profile(self, client, fake_user, monkeypatch):
+    monkeypatch.setattr("app.api.routes.auth.get_current_user", override_get_current_user(fake_user))
+    
+    response = client.get("/auth/me")
+    
+    assert response.status_code == status.HTTP_200_OK
+    data = response.json()
+    assert data["username"] == fake_user.username
+    assert data["email"] == fake_user.email
+  
+  def test_i_cannot_get_profile_without_authentication(self, client, monkeypatch):
+    def raise_http_exception():
+      raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
+    
+    monkeypatch.setattr("app.api.routes.auth.get_current_user", raise_http_exception)
+    
+    response = client.get("/auth/me")
+    
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED

tests/models/test_user_models.py

@@ -10,8 +10,8 @@ from pydantic import ValidationError
 from datetime import datetime
 from bson import ObjectId
 
-from app.models.user import UserCreate, UserUpdate, UserInDB, UserResponse
-from app.models.auth import UserRole
+from app.models.user import UserCreate, UserUpdate, UserInDB
+from app.models.auth import UserRole, UserResponse
 
 
 class TestUserCreateModel:
@@ -349,7 +349,7 @@ class TestUserResponseModel:
     
     # Convert to response model (excluding password_hash)
     user_response = UserResponse(
-      id=user_in_db.id,
+      _id=user_in_db.id,
       username=user_in_db.username,
       email=user_in_db.email,
       role=user_in_db.role,