Refactor tests for improved consistency and readability

- Updated test cases in `test_auth_endpoints.py` to ensure consistent formatting and style. - Enhanced `test_socket_endpoints.py` with consistent parameter formatting and improved readability. - Cleaned up `conftest.py` by ensuring consistent parameter formatting in fixtures. - Added comprehensive tests for API token dependencies in `test_api_token_dependencies.py`. - Refactored `test_auth_service.py` to maintain consistent parameter formatting. - Cleaned up `test_oauth_service.py` by removing unnecessary imports. - Improved `test_socket_service.py` with consistent formatting and readability. - Enhanced `test_cookies.py` by ensuring consistent formatting and readability. - Introduced new tests for token utilities in `test_token_utils.py` to validate token generation and expiration logic.
2025-07-27 15:11:47 +02:00
parent 42deab2409
commit 3dc21337f9
16 changed files with 991 additions and 159 deletions
--- a/app/core/dependencies.py
+++ b/app/core/dependencies.py
@@ -2,7 +2,7 @@

 from typing import Annotated, cast

-from fastapi import Cookie, Depends, HTTPException, status
+from fastapi import Cookie, Depends, Header, HTTPException, status
 from sqlmodel.ext.asyncio.session import AsyncSession

 from app.core.database import get_db
@@ -10,7 +10,7 @@ from app.core.logging import get_logger
 from app.models.user import User
 from app.services.auth import AuthService
 from app.services.oauth import OAuthService
-from app.utils.auth import JWTUtils
+from app.utils.auth import JWTUtils, TokenUtils

 logger = get_logger(__name__)

@@ -92,6 +92,95 @@ async def get_current_active_user(
    return current_user


+async def get_current_user_api_token(
+    auth_service: Annotated[AuthService, Depends(get_auth_service)],
+    authorization: Annotated[str | None, Header()] = None,
+) -> User:
+    """Get the current authenticated user from API token in Authorization header."""
+    try:
+        # Check if Authorization header exists
+        if not authorization:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Authorization header required",
+            )
+
+        # Check if it's a Bearer token
+        if not authorization.startswith("Bearer "):
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid authorization header format",
+            )
+
+        # Extract the API token
+        api_token = authorization[7:]  # Remove "Bearer " prefix
+        if not api_token:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="API token required",
+            )
+
+        # Get the user by API token
+        user = await auth_service.get_user_by_api_token(api_token)
+        if not user:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid API token",
+            )
+
+        # Check if token is expired
+        if TokenUtils.is_token_expired(user.api_token_expires_at):
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="API token has expired",
+            )
+
+        # Check if user is active
+        if not user.is_active:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Account is deactivated",
+            )
+
+        return user
+
+    except HTTPException:
+        # Re-raise HTTPExceptions without wrapping them
+        raise
+    except Exception as e:
+        logger.exception("Failed to authenticate user with API token")
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Could not validate API token",
+        ) from e
+
+
+async def get_current_user_flexible(
+    auth_service: Annotated[AuthService, Depends(get_auth_service)],
+    access_token: Annotated[str | None, Cookie()] = None,
+    authorization: Annotated[str | None, Header()] = None,
+) -> User:
+    """Get the current authenticated user from either JWT cookie or API token."""
+    # Try API token first if Authorization header is present
+    if authorization:
+        return await get_current_user_api_token(auth_service, authorization)
+
+    # Fall back to JWT cookie authentication
+    return await get_current_user(auth_service, access_token)
+
+
+async def get_current_active_user_flexible(
+    current_user: Annotated[User, Depends(get_current_user_flexible)],
+) -> User:
+    """Get the current authenticated and active user using flexible auth."""
+    if not current_user.is_active:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Account is deactivated",
+        )
+    return current_user
+
+
 async def get_admin_user(
    current_user: Annotated[User, Depends(get_current_active_user)],
 ) -> User: