novalon-manage-system/e2e_tests/tests/test_auth.py

"""
认证测试用例
"""

import pytest
from api.auth_api import AuthAPI
from config.settings import settings


@pytest.mark.auth
@pytest.mark.smoke
class TestAuth:
    """认证测试类"""
    
    @pytest.mark.asyncio
    async def test_login_success(self, http_client):
        """测试成功登录"""
        auth_api = AuthAPI(http_client)
        response = await auth_api.login(settings.TEST_USERNAME, settings.TEST_PASSWORD)
        
        assert response.status_code == 200
        data = response.json()
        assert "accessToken" in data
        assert "refreshToken" in data
        assert isinstance(data["accessToken"], str)
        assert isinstance(data["refreshToken"], str)
    
    @pytest.mark.asyncio
    async def test_login_invalid_credentials(self, http_client):
        """测试无效凭证登录"""
        auth_api = AuthAPI(http_client)
        response = await auth_api.login("invalid_user", "invalid_password")
        
        assert response.status_code == 401
    
    @pytest.mark.asyncio
    async def test_login_missing_fields(self, http_client):
        """测试缺少必填字段"""
        auth_api = AuthAPI(http_client)
        response = await http_client.post("/api/auth/login", json={
            "username": "test"
        })
        
        assert response.status_code == 400
    
    @pytest.mark.asyncio
    async def test_refresh_token_success(self, http_client, auth_token):
        """测试刷新token成功"""
        auth_api = AuthAPI(http_client)
        
        login_response = await auth_api.login(settings.TEST_USERNAME, settings.TEST_PASSWORD)
        refresh_token = login_response.json().get("refreshToken")
        
        response = await auth_api.refresh_token(refresh_token)
        
        assert response.status_code == 200
        data = response.json()
        assert "accessToken" in data
        assert "refreshToken" in data
    
    @pytest.mark.asyncio
    async def test_refresh_token_invalid(self, http_client):
        """测试无效刷新token"""
        auth_api = AuthAPI(http_client)
        response = await auth_api.refresh_token("invalid_refresh_token")
        
        assert response.status_code == 401
    
    @pytest.mark.asyncio
    async def test_logout_success(self, http_client, auth_token):
        """测试登出成功"""
        auth_api = AuthAPI(http_client)
        response = await auth_api.logout(auth_token)
        
        assert response.status_code == 200
    
    @pytest.mark.asyncio
    async def test_logout_without_token(self, http_client):
        """测试无token登出"""
        auth_api = AuthAPI(http_client)
        response = await http_client.post("/api/auth/logout")
        
        assert response.status_code == 400