Initial commit: Ebook Translation System with Docker setup

ebook_backend&admin_panel/admin-backend/tests/test_auth_routes.py

@@ -0,0 +1,146 @@
+import pytest
+from unittest.mock import patch, MagicMock
+from fastapi import HTTPException
+
+class TestAuthRoutes:
+    """Test cases for authentication routes"""
+
+    def test_admin_login_success(self, client, admin_user):
+        """Test successful admin login"""
+        login_data = {
+            "username": "testadmin",
+            "password": "testpassword123"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 200
+        data = response.json()
+        assert data["status"] == "success"
+        
+        # Check if cookie is set
+        assert "admin_logged_in=true" in response.headers.get("set-cookie", "")
+    
+    def test_admin_login_invalid_username(self, client, test_db):
+        """Test admin login with invalid username"""
+        login_data = {
+            "username": "nonexistent",
+            "password": "testpassword123"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 401
+        data = response.json()
+        assert data["detail"] == "Invalid credentials"
+    
+    def test_admin_login_invalid_password(self, client, admin_user):
+        """Test admin login with invalid password"""
+        login_data = {
+            "username": "testadmin",
+            "password": "wrongpassword"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 401
+        data = response.json()
+        assert data["detail"] == "Invalid credentials"
+    
+    def test_admin_login_missing_username(self, client):
+        """Test admin login with missing username"""
+        login_data = {
+            "password": "testpassword123"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 422  # Validation error
+    
+    def test_admin_login_missing_password(self, client):
+        """Test admin login with missing password"""
+        login_data = {
+            "username": "testadmin"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 422  # Validation error
+
+    def test_admin_logout_with_cookie(self, client):
+        """Test admin logout when user is logged in"""
+        response = client.post("/admin/logout", headers={"Cookie": "admin_logged_in=true"})
+        assert response.status_code == 200
+        data = response.json()
+        assert data["status"] == "success"
+    
+    @patch('routes.auth.verify_password')
+    def test_admin_login_password_verification(self, mock_verify, client, admin_user):
+        """Test password verification during login"""
+        mock_verify.return_value = True
+        
+        login_data = {
+            "username": "testadmin",
+            "password": "testpassword123"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 200
+        mock_verify.assert_called_once_with("testpassword123", admin_user.password_hash)
+    
+    @patch('routes.auth.verify_password')
+    def test_admin_login_password_verification_failure(self, mock_verify, client, admin_user):
+        """Test password verification failure during login"""
+        mock_verify.return_value = False
+        
+        login_data = {
+            "username": "testadmin",
+            "password": "testpassword123"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 401
+        mock_verify.assert_called_once_with("testpassword123", admin_user.password_hash)
+    
+    def test_admin_login_case_sensitive_username(self, client, admin_user):
+        """Test admin login with case-sensitive username"""
+        login_data = {
+            "username": "TESTADMIN",  # Different case
+            "password": "testpassword123"
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 401
+        data = response.json()
+        assert data["detail"] == "Invalid credentials"
+    
+    def test_admin_login_empty_credentials(self, client):
+        """Test admin login with empty credentials"""
+        login_data = {
+            "username": "",
+            "password": ""
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 401
+        data = response.json()
+        assert data["detail"] == "Invalid credentials"
+    
+    def test_admin_login_whitespace_credentials(self, client):
+        """Test admin login with whitespace-only credentials"""
+        login_data = {
+            "username": "   ",
+            "password": "   "
+        }
+        
+        response = client.post("/admin/login", json=login_data)
+        assert response.status_code == 401
+        data = response.json()
+        assert data["detail"] == "Invalid credentials"
+    
+    def test_admin_logout_response_headers(self, client):
+        """Test admin logout response headers"""
+        response = client.post("/admin/logout")
+        assert response.status_code == 200
+        
+        # Check content type
+        assert response.headers["content-type"] == "application/json"
+        
+        # Check cookie deletion
+        set_cookie = response.headers.get("set-cookie", "")
+        assert "admin_logged_in=" in set_cookie