alai-dev/trade-assistant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f17a6ccbacafa755106346d372c7d5eb64b93aa1
trade-assistant/backend/tests/test_auth_api.py
T
TradeMate Dev 5d2bced39f docs: update project docs and clean up redundant files 
- PROGRESS.md: update to 2026-05-29 with security hardening (T-005),
  4-frontend architecture, AI provider refactoring, discovery features,
  landing page/referral/quota, desktop layout, admin AI management
- AGENTS.md: add AI provider list (Alibaba/NVIDIA, removed Claude/DeepL/Local),
  DB-driven config, CSRF/rate-limit/CORS notes, admin_ai reload quirk
- .env.example: sync with actual config, replace deprecated providers
  with current Sensenova/OpencodeGo/NVIDIA/Spark/Alibaba
- docs/PROJECT_STATUS.md: archive (fully superseded by PROGRESS.md)
- Remove generated JS files (_bing_search.js, _batch_search.js)
- Remove empty directories (data/corpus, data/models)
- Remove backend/.coverage (test artifact)
- Fix services/.gitignore to cover _bing_search.js
- Include pending AI provider DB admin feature (admin_ai, AIProvider model,
  AIProviders.vue, migration) and T-008 test report
2026-05-29 11:15:33 +08:00

94 lines
3.2 KiB
Python
Raw Blame History

import pytest
from httpx import AsyncClient
class TestAuthAPI:
async def test_health_endpoint(self, client: AsyncClient):
response = await client.get("/health")
assert response.status_code == 200
data = response.json()
assert data["status"] == "ok"
assert data["app"] == "TradeMate"
async def test_register_new_user(self, client: AsyncClient):
response = await client.post(
"/api/v1/auth/register",
json={
"phone": "13900139001",
"password": "test123456",
"username": "newuser",
},
)
assert response.status_code == 200
data = response.json()
assert data["phone"] == "13900139001"
assert data["username"] == "newuser"
assert data["tier"] == "free"
async def test_register_duplicate_phone(self, client: AsyncClient, test_user):
response = await client.post(
"/api/v1/auth/register",
json={
"phone": "13800138000",
"password": "test123456",
"username": "duplicate",
},
)
assert response.status_code == 400
assert "already registered" in response.json()["detail"]
async def test_login_success(self, client: AsyncClient, test_user):
response = await client.post(
"/api/v1/auth/login",
json={
"username": "13800138000",
"password": "test123456",
},
)
assert response.status_code == 200
data = response.json()
assert "access_token" in data
assert "refresh_token" in data
assert data["token_type"] == "bearer"
async def test_login_wrong_password(self, client: AsyncClient, test_user):
response = await client.post(
"/api/v1/auth/login",
json={
"username": "13800138000",
"password": "wrongpassword",
},
)
assert response.status_code == 401
async def test_login_nonexistent_user(self, client: AsyncClient):
response = await client.post(
"/api/v1/auth/login",
json={
"username": "13999999999",
"password": "test123456",
},
)
assert response.status_code == 401
async def test_get_current_user(self, client: AsyncClient, auth_headers):
response = await client.get("/api/v1/auth/me", headers=auth_headers)
assert response.status_code == 200
data = response.json()
assert data["phone"] == "13800138000"
assert data["username"] == "test_user"
async def test_get_user_unauthorized(self, client: AsyncClient):
response = await client.get("/api/v1/auth/me")
assert response.status_code == 401
async def test_refresh_token(self, client: AsyncClient, test_user):
from app.core.security import create_refresh_token
refresh = create_refresh_token({"sub": str(test_user.id)})
response = await client.post(
"/api/v1/auth/refresh",
json={"refresh_token": refresh},
)
assert response.status_code == 200
assert "access_token" in response.json()
Reference in New Issue View Git Blame Copy Permalink