test(auth): tighten duplicate-username test + add update_password test
This commit is contained in:
@@ -4,6 +4,7 @@ from __future__ import annotations
|
||||
|
||||
import pytest
|
||||
from sqlalchemy import delete
|
||||
from sqlalchemy.exc import IntegrityError
|
||||
|
||||
from cyclone.auth import users
|
||||
from cyclone.db import SessionLocal, User
|
||||
@@ -56,7 +57,7 @@ def test_create_user_rejects_duplicate_username():
|
||||
with SessionLocal()() as db:
|
||||
users.create(db, username="bob", password="hunter2hunter2", role="user")
|
||||
with SessionLocal()() as db:
|
||||
with pytest.raises(Exception):
|
||||
with pytest.raises(IntegrityError):
|
||||
users.create(db, username="bob", password="anotherone", role="user")
|
||||
|
||||
|
||||
@@ -90,4 +91,16 @@ def test_to_public_shape_omits_password_hash():
|
||||
assert "password_hash" not in shape
|
||||
assert shape["username"] == "eve"
|
||||
assert shape["role"] == "admin"
|
||||
assert "id" in shape and "createdAt" in shape
|
||||
assert "id" in shape and "createdAt" in shape
|
||||
|
||||
|
||||
def test_update_password_actually_rehashes_and_verifies():
|
||||
with SessionLocal()() as db:
|
||||
u = users.create(db, username="frank", password="hunter2hunter2", role="user")
|
||||
with SessionLocal()() as db:
|
||||
users.update_password(db, u.id, "newpassword1")
|
||||
# Old password no longer verifies.
|
||||
with SessionLocal()() as db:
|
||||
refreshed = users.get_by_username(db, "frank")
|
||||
assert not users.verify_password("hunter2hunter2", refreshed.password_hash)
|
||||
assert users.verify_password("newpassword1", refreshed.password_hash)
|
||||
Reference in New Issue
Block a user