import pytest
from app.core.security import (
    hash_password,
    verify_password,
    create_access_token,
    create_refresh_token,
    decode_token,
)


class TestSecurity:
    def test_hash_password(self):
        pwd = "test123456"
        hashed = hash_password(pwd)
        assert hashed != pwd
        assert verify_password(pwd, hashed)

    def test_verify_password_wrong(self):
        pwd = "test123456"
        hashed = hash_password(pwd)
        assert not verify_password("wrongpassword", hashed)

    def test_create_access_token(self):
        data = {"sub": "test-user-id", "tier": "free"}
        token = create_access_token(data)
        assert token is not None
        assert isinstance(token, str)

    def test_decode_token_valid(self):
        data = {"sub": "test-user-id", "tier": "pro"}
        token = create_access_token(data)
        decoded = decode_token(token)
        assert decoded is not None
        assert decoded["sub"] == "test-user-id"
        assert decoded["tier"] == "pro"

    def test_decode_token_invalid(self):
        decoded = decode_token("invalid-token")
        assert decoded is None

    def test_create_refresh_token(self):
        data = {"sub": "test-user-id"}
        token = create_refresh_token(data)
        assert token is not None
        decoded = decode_token(token)
        assert decoded is not None
        assert decoded["type"] == "refresh"