Fix auth tests to not invalidate integration_client session

Password change tests were using the admin account, which invalidated
all admin sessions including the shared integration_client. Now all
password change tests create and use dedicated test users, keeping
the admin session intact for other tests.

Tests updated:
- test_change_password_success
- test_change_password_wrong_current
- test_password_too_short_on_change
Mondo Diaz
2026-01-16 21:28:30 +00:00
parent 28b434b944
commit 1f923ae71d


@@ -107,21 +107,37 @@ class TestAuthMe:
class TestAuthChangePassword: class TestAuthChangePassword:
"""Tests for change password endpoint.""" """Tests for change password endpoint.
Note: These tests use dedicated test users instead of admin to avoid
invalidating the integration_client session (which uses admin).
"""
@pytest.mark.integration @pytest.mark.integration
def test_change_password_success(self, auth_client): def test_change_password_success(self, auth_client):
"""Test successful password change.""" """Test successful password change."""
# Login first # Login as admin to create a test user
auth_client.post( auth_client.post(
"/api/v1/auth/login", "/api/v1/auth/login",
json={"username": "admin", "password": "changeme123"}, json={"username": "admin", "password": "changeme123"},
) )
test_username = f"pwchange_{uuid4().hex[:8]}"
auth_client.post(
"/api/v1/admin/users",
json={"username": test_username, "password": "oldpassword123"},
)
# Login as test user
auth_client.cookies.clear()
auth_client.post(
"/api/v1/auth/login",
json={"username": test_username, "password": "oldpassword123"},
)
# Change password # Change password
response = auth_client.post( response = auth_client.post(
"/api/v1/auth/change-password", "/api/v1/auth/change-password",
json={"current_password": "changeme123", "new_password": "newpassword123"}, json={"current_password": "oldpassword123", "new_password": "newpassword123"},
) )
assert response.status_code == 200 assert response.status_code == 200
@@ -129,32 +145,37 @@ class TestAuthChangePassword:
auth_client.cookies.clear() auth_client.cookies.clear()
response = auth_client.post( response = auth_client.post(
"/api/v1/auth/login", "/api/v1/auth/login",
json={"username": "admin", "password": "changeme123"}, json={"username": test_username, "password": "oldpassword123"},
) )
assert response.status_code == 401 assert response.status_code == 401
# Verify new password works # Verify new password works
response = auth_client.post( response = auth_client.post(
"/api/v1/auth/login", "/api/v1/auth/login",
json={"username": "admin", "password": "newpassword123"}, json={"username": test_username, "password": "newpassword123"},
) )
assert response.status_code == 200 assert response.status_code == 200
# Reset password back to original for other tests
reset_response = auth_client.post(
"/api/v1/auth/change-password",
json={"current_password": "newpassword123", "new_password": "changeme123"},
)
assert reset_response.status_code == 200, "Failed to reset admin password back to default"
@pytest.mark.integration @pytest.mark.integration
def test_change_password_wrong_current(self, auth_client): def test_change_password_wrong_current(self, auth_client):
"""Test password change with wrong current password.""" """Test password change with wrong current password."""
# Login first # Login as admin to create a test user
auth_client.post( auth_client.post(
"/api/v1/auth/login", "/api/v1/auth/login",
json={"username": "admin", "password": "changeme123"}, json={"username": "admin", "password": "changeme123"},
) )
test_username = f"pwwrong_{uuid4().hex[:8]}"
auth_client.post(
"/api/v1/admin/users",
json={"username": test_username, "password": "password123"},
)
# Login as test user
auth_client.cookies.clear()
auth_client.post(
"/api/v1/auth/login",
json={"username": test_username, "password": "password123"},
)
response = auth_client.post( response = auth_client.post(
"/api/v1/auth/change-password", "/api/v1/auth/change-password",
@@ -443,14 +464,27 @@ class TestSecurityEdgeCases:
@pytest.mark.integration @pytest.mark.integration
def test_password_too_short_on_change(self, auth_client): def test_password_too_short_on_change(self, auth_client):
"""Test that short passwords are rejected when changing password.""" """Test that short passwords are rejected when changing password."""
# Create test user
auth_client.post( auth_client.post(
"/api/v1/auth/login", "/api/v1/auth/login",
json={"username": "admin", "password": "changeme123"}, json={"username": "admin", "password": "changeme123"},
) )
test_username = f"shortchange_{uuid4().hex[:8]}"
auth_client.post(
"/api/v1/admin/users",
json={"username": test_username, "password": "password123"},
)
# Login as test user
auth_client.cookies.clear()
auth_client.post(
"/api/v1/auth/login",
json={"username": test_username, "password": "password123"},
)
response = auth_client.post( response = auth_client.post(
"/api/v1/auth/change-password", "/api/v1/auth/change-password",
json={"current_password": "changeme123", "new_password": "short"}, json={"current_password": "password123", "new_password": "short"},
) )
assert response.status_code == 400 assert response.status_code == 400
assert "at least 8 characters" in response.json()["detail"] assert "at least 8 characters" in response.json()["detail"]
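Review bot: The setup requests added to all three tests (admin login, `POST /api/v1/admin/users`, test-user login) discard their responses, so a failed user creation or login goes unnoticed until a later assertion. In test_change_password_wrong_current this can hide a real regression: if the test-user login fails, the change-password request goes out unauthenticated and may be rejected for that reason rather than for the wrong current password (that test's assertion lies outside the visible hunk, so this is inferred). Asserting each step in one shared helper removes the triplicated setup and makes the failure point explicit; a sketch follows, with the creation status check left loose because the endpoint's success code is not shown here. Separately, the session invalidation on password change that the commit message describes is not asserted in the visible lines; checking that the pre-change cookie is rejected afterwards would pin that behaviour.

```python
def _login_as_new_user(auth_client, prefix, password):
    """Create a throwaway user as admin and leave auth_client logged in as it."""
    resp = auth_client.post(
        "/api/v1/auth/login",
        json={"username": "admin", "password": "changeme123"},
    )
    assert resp.status_code == 200, "setup: admin login failed"
    username = f"{prefix}_{uuid4().hex[:8]}"
    resp = auth_client.post(
        "/api/v1/admin/users",
        json={"username": username, "password": password},
    )
    assert resp.status_code < 300, f"setup: creating {username} failed"
    # Drop the admin cookie so the following requests run as the test user only.
    auth_client.cookies.clear()
    resp = auth_client.post(
        "/api/v1/auth/login",
        json={"username": username, "password": password},
    )
    assert resp.status_code == 200, f"setup: login as {username} failed"
    return username

# in test_change_password_success:
test_username = _login_as_new_user(auth_client, "pwchange", "oldpassword123")
# … unchanged: change-password request and old/new password login checks …
```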