test(auth): tighten duplicate-username test + add update_password test

This commit is contained in:
Nora
2026-06-22 14:24:55 -06:00
parent 74d7056284
commit 1ca50e2bc0
+15 -2
View File
@@ -4,6 +4,7 @@ from __future__ import annotations
import pytest import pytest
from sqlalchemy import delete from sqlalchemy import delete
from sqlalchemy.exc import IntegrityError
from cyclone.auth import users from cyclone.auth import users
from cyclone.db import SessionLocal, User from cyclone.db import SessionLocal, User
@@ -56,7 +57,7 @@ def test_create_user_rejects_duplicate_username():
with SessionLocal()() as db: with SessionLocal()() as db:
users.create(db, username="bob", password="hunter2hunter2", role="user") users.create(db, username="bob", password="hunter2hunter2", role="user")
with SessionLocal()() as db: with SessionLocal()() as db:
with pytest.raises(Exception): with pytest.raises(IntegrityError):
users.create(db, username="bob", password="anotherone", role="user") users.create(db, username="bob", password="anotherone", role="user")
@@ -90,4 +91,16 @@ def test_to_public_shape_omits_password_hash():
assert "password_hash" not in shape assert "password_hash" not in shape
assert shape["username"] == "eve" assert shape["username"] == "eve"
assert shape["role"] == "admin" assert shape["role"] == "admin"
assert "id" in shape and "createdAt" in shape assert "id" in shape and "createdAt" in shape
def test_update_password_actually_rehashes_and_verifies():
with SessionLocal()() as db:
u = users.create(db, username="frank", password="hunter2hunter2", role="user")
with SessionLocal()() as db:
users.update_password(db, u.id, "newpassword1")
# Old password no longer verifies.
with SessionLocal()() as db:
refreshed = users.get_by_username(db, "frank")
assert not users.verify_password("hunter2hunter2", refreshed.password_hash)
assert users.verify_password("newpassword1", refreshed.password_hash)