benya/Messenger
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(account): cover resend verification and password reset login flow
Some checks failed
CI / test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Alex
2026-03-08 21:07:17 +03:00
parent d6378ab346
commit a7965aa882
2 changed files with 76 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/core-checklist-status.md
View File

@@ -7,7 +7,7 @@ Legend:
## Modules ## Modules
1. Account - `PARTIAL` (email auth, JWT, refresh, logout, reset; sessions exist, full UX still improving) 1. Account - `PARTIAL` (email auth, JWT, refresh, logout, reset; integration tests now cover resend-verification token replacement and full password-reset login flow; sessions exist, full UX still improving)
2. User Profile - `DONE` (username, name, avatar, bio, update) 2. User Profile - `DONE` (username, name, avatar, bio, update)
3. User Status - `PARTIAL` (online/last seen/offline; web now formats `just now/today/yesterday/recently`, backend-side presence heuristics still limited) 3. User Status - `PARTIAL` (online/last seen/offline; web now formats `just now/today/yesterday/recently`, backend-side presence heuristics still limited)
4. Contacts - `PARTIAL` (list/search/add/remove/block/unblock; `add by email` flow covered by integration tests including `success/not found/blocked conflict`; web now surfaces specific add-by-email errors (`not found` vs `blocked`); UX moved to menu) 4. Contacts - `PARTIAL` (list/search/add/remove/block/unblock; `add by email` flow covered by integration tests including `success/not found/blocked conflict`; web now surfaces specific add-by-email errors (`not found` vs `blocked`); UX moved to menu)

76
tests/test_auth_flow.py
View File

@@ -1,6 +1,6 @@
from sqlalchemy import select from sqlalchemy import select
from app.auth.models import EmailVerificationToken from app.auth.models import EmailVerificationToken, PasswordResetToken
from app.utils.totp import _totp_code from app.utils.totp import _totp_code
@@ -297,3 +297,77 @@ async def test_twofa_recovery_codes_are_normalized_and_decrement_status(client,
status_after = await client.get("/api/v1/auth/2fa/recovery-codes/status", headers=headers) status_after = await client.get("/api/v1/auth/2fa/recovery-codes/status", headers=headers)
assert status_after.status_code == 200 assert status_after.status_code == 200
assert status_after.json()["remaining_codes"] == initial_count - 1 assert status_after.json()["remaining_codes"] == initial_count - 1
async def test_resend_verification_replaces_old_token_and_verifies_with_new_one(client, db_session):
payload = {
"email": "resend_flow@example.com",
"name": "Resend Flow",
"username": "resend_flow",
"password": "strongpass123",
}
register_response = await client.post("/api/v1/auth/register", json=payload)
assert register_response.status_code == 201
first_token_row = await db_session.execute(select(EmailVerificationToken).order_by(EmailVerificationToken.id.desc()))
first_token = first_token_row.scalar_one().token
resend_response = await client.post("/api/v1/auth/resend-verification", json={"email": payload["email"]})
assert resend_response.status_code == 200
second_token_row = await db_session.execute(select(EmailVerificationToken).order_by(EmailVerificationToken.id.desc()))
second_token = second_token_row.scalar_one().token
assert second_token != first_token
verify_old = await client.post("/api/v1/auth/verify-email", json={"token": first_token})
assert verify_old.status_code == 400
verify_new = await client.post("/api/v1/auth/verify-email", json={"token": second_token})
assert verify_new.status_code == 200
login_response = await client.post(
"/api/v1/auth/login",
json={"email": payload["email"], "password": payload["password"]},
)
assert login_response.status_code == 200
async def test_password_reset_flow_replaces_password_and_invalidates_old_password(client, db_session):
payload = {
"email": "reset_flow@example.com",
"name": "Reset Flow",
"username": "reset_flow",
"password": "strongpass123",
}
register_response = await client.post("/api/v1/auth/register", json=payload)
assert register_response.status_code == 201
token_row = await db_session.execute(select(EmailVerificationToken).order_by(EmailVerificationToken.id.desc()))
verify_token = token_row.scalar_one().token
verify_response = await client.post("/api/v1/auth/verify-email", json={"token": verify_token})
assert verify_response.status_code == 200
request_reset = await client.post("/api/v1/auth/request-password-reset", json={"email": payload["email"]})
assert request_reset.status_code == 200
reset_token_row = await db_session.execute(select(PasswordResetToken).order_by(PasswordResetToken.id.desc()))
reset_token = reset_token_row.scalar_one().token
new_password = "newstrongpass456"
reset_password_response = await client.post(
"/api/v1/auth/reset-password",
json={"token": reset_token, "new_password": new_password},
)
assert reset_password_response.status_code == 200
old_login = await client.post(
"/api/v1/auth/login",
json={"email": payload["email"], "password": payload["password"]},
)
assert old_login.status_code == 401
new_login = await client.post(
"/api/v1/auth/login",
json={"email": payload["email"], "password": new_password},
)
assert new_login.status_code == 200