AegisSight/AegisSight-Monitor-Verwaltung
3
0
Fork 0
Code Issues Pull-Requests Actions Pakete Projekte Releases Wiki Aktivität
Dateien
main
AegisSight-Monitor-Verwaltung/tests/test_auth.py
claude-dev 00cd81f177 Phase 12: Test-Suite (30 pytest-Tests) + CLAUDE.md aktualisiert 
tests/:
  conftest.py        - minimale Env-Vars + sys.path-Setup
  test_auth.py       - Magic-Token + JWT Round-Trip (4 Tests)
  test_audit.py      - diff() + _to_json() Helper (8 Tests)
  test_models.py     - Pydantic-Validierung (7 Tests)
  test_source_meta.py - Single Source of Truth Konsistenz (7 Tests)
  test_imports.py    - alle Backend-Module importierbar (4 Tests)

requirements-dev.txt: pytest, ftfy, pyflakes

Tests sind reine Unit-Tests (kein DB-Zugriff, kein HTTP-Server),
laufen in <0.5s, geben sofortiges Catch-Net fuer Syntax/Import-Bugs.

Aufruf: PYTHONPATH=src ./venv/bin/python -m pytest tests/ -v

CLAUDE.md erweitert um:
- Sektion Tests (Framework, Pfad, Ausfuehrung)
- Sektion Phasen-Historie (alle 12 Phasen der Aufraeum-Aktion 2026-05-09
  mit kurzer Erklaerung)
2026-05-09 03:55:30 +00:00

39 Zeilen
1.3 KiB
Python
Originalformat Permalink Blame Verlauf

"""Tests fuer src/auth.py - Magic-Link-Token + JWT Round-Trip."""
import pytest
from auth import generate_magic_token, create_token, decode_token
def test_magic_token_is_url_safe_and_random():
t1 = generate_magic_token()
t2 = generate_magic_token()
assert t1 != t2
# token_urlsafe(32) -> 43 Zeichen base64-url
assert 40 <= len(t1) <= 50
# Nur URL-safe Zeichen
assert all(c.isalnum() or c in "-_" for c in t1)
def test_jwt_round_trip():
token = create_token(admin_id=42, email="info@aegis-sight.de", username="info")
payload = decode_token(token)
assert payload["sub"] == "42"
assert payload["email"] == "info@aegis-sight.de"
assert payload["username"] == "info"
assert payload["role"] == "portal_admin"
assert payload["iss"] == "aegissight-portal"
assert payload["aud"] == "aegissight-portal"
def test_jwt_username_default_from_email():
"""Wenn kein username uebergeben wird, kommt der local-part der Email."""
token = create_token(admin_id=1, email="someone@example.com")
payload = decode_token(token)
assert payload["username"] == "someone"
def test_decode_invalid_token_raises():
from fastapi import HTTPException
with pytest.raises(HTTPException) as exc:
decode_token("not.a.valid.jwt")
assert exc.value.status_code == 401
In neuem Issue referenzieren Git Blame ansehen Permalink kopieren