From b712f52e8bc6401aa993eb6db429866f2dcf6847 Mon Sep 17 00:00:00 2001 From: Rudolf Braun <48672663+BraunRudolf@users.noreply.github.com> Date: Mon, 7 Oct 2024 20:48:20 +0200 Subject: [PATCH] Add test_get_current_user.. ..._missing_email ..._jwt_error ..._not_found --- backend-app/tests/unit/test_auth.py | 73 +++++++++++++++++++++++++++-- 1 file changed, 70 insertions(+), 3 deletions(-) diff --git a/backend-app/tests/unit/test_auth.py b/backend-app/tests/unit/test_auth.py index c9b5bc47..d3411cff 100644 --- a/backend-app/tests/unit/test_auth.py +++ b/backend-app/tests/unit/test_auth.py @@ -1,7 +1,8 @@ from datetime import datetime, timedelta, timezone import pytest -from jose import jwt +from fastapi.exceptions import HTTPException +from jose import JWTError, jwt from app.api.auth import authenticate_user, create_access_token, get_current_user @@ -126,5 +127,71 @@ async def test_get_current_user_valid_token( assert user.email == mock_user.email mock_jwt_decode.assert_called_once_with(valid_token, TEST_SECRET_KEY, algorithms=["HS256"]) mock_get_user_by_email_success.assert_called_once_with( - mock_db, email=mock_user.email - ) # WARNING: Is email=mock_user.email correct? + mock_db, email=mock_jwt_decode.return_value.get("sub") + ) + + +@pytest.mark.asyncio +async def test_get_current_user_missing_email(mock_jwt_decode, valid_token, mock_db, monkeypatch): + TEST_SECRET_KEY = "SECRET" + + # Mock jwt.decode to return a payload without "sub" (missing email) + mock_jwt_decode.return_value = {} + + monkeypatch.setattr("app.api.auth.jwt.decode", mock_jwt_decode) + monkeypatch.setattr("app.api.auth.SECRET_KEY", TEST_SECRET_KEY) + + # Expect the function to raise an HTTPException when email is missing + with pytest.raises(HTTPException) as exc_info: + await get_current_user(token=valid_token, db=mock_db) + + assert exc_info.value.status_code == 401 + assert exc_info.value.detail == "Could not validate credentials" + mock_jwt_decode.assert_called_once_with(valid_token, TEST_SECRET_KEY, algorithms=["HS256"]) + + +@pytest.mark.asyncio +async def test_get_current_user_jwt_error(mock_jwt_decode, valid_token, mock_db, monkeypatch): + TEST_SECRET_KEY = "SECRET" + + # Mock jwt.decode to raise JWTError + mock_jwt_decode.side_effect = JWTError + + monkeypatch.setattr("app.api.auth.jwt.decode", mock_jwt_decode) + monkeypatch.setattr("app.api.auth.SECRET_KEY", TEST_SECRET_KEY) + + # Expect the function to raise an HTTPException when JWTError occurs + with pytest.raises(HTTPException) as exc_info: + await get_current_user(token=valid_token, db=mock_db) + + assert exc_info.value.status_code == 401 + assert exc_info.value.detail == "Could not validate credentials" + mock_jwt_decode.assert_called_once_with(valid_token, TEST_SECRET_KEY, algorithms=["HS256"]) + + +@pytest.mark.asyncio +async def test_get_current_user_user_not_found( + mock_jwt_decode, + valid_token_payload, + valid_token, + mock_db, + mock_get_user_by_email_none, + monkeypatch, +): + TEST_SECRET_KEY = "SECRET" + + # Mock jwt.decode to return a valid payload with email + mock_jwt_decode.return_value = valid_token_payload + + monkeypatch.setattr("app.api.auth.jwt.decode", mock_jwt_decode) + monkeypatch.setattr("app.api.auth.get_user_by_email", mock_get_user_by_email_none) + monkeypatch.setattr("app.api.auth.SECRET_KEY", TEST_SECRET_KEY) + + # Expect the function to raise an HTTPException when user is not found + with pytest.raises(HTTPException) as exc_info: + await get_current_user(token=valid_token, db=mock_db) + + assert exc_info.value.status_code == 401 + assert exc_info.value.detail == "Could not validate credentials" + mock_jwt_decode.assert_called_once_with(valid_token, TEST_SECRET_KEY, algorithms=["HS256"]) + mock_get_user_by_email_none.assert_called_once_with(mock_db, email=valid_token_payload["sub"])