feat: Update API token handling to use API-TOKEN header and improve related tests

tests/utils/test_token_utils.py

@@ -1,14 +1,18 @@
 """Tests for token utilities."""
 
 from datetime import UTC, datetime, timedelta
+from zoneinfo import ZoneInfo
 
 from app.utils.auth import TokenUtils
 
+TOKEN_LENGTH = 43  # Length of URL-safe base64 encoded 32-byte token
+UNIQUE_TOKENS_COUNT = 10  # Number of unique tokens to generate for uniqueness test
+
 
 class TestTokenUtils:
     """Test token utility functions."""
 
-    def test_generate_api_token(self):
+    def test_generate_api_token(self) -> None:
         """Test API token generation."""
         token = TokenUtils.generate_api_token()
 
@@ -19,44 +23,44 @@ class TestTokenUtils:
         assert len(token) > 0
 
         # Should be URL-safe base64 (43 characters for 32 bytes)
-        assert len(token) == 43
+        assert len(token) == TOKEN_LENGTH
 
         # Should be unique (generate multiple and check they're different)
-        tokens = [TokenUtils.generate_api_token() for _ in range(10)]
-        assert len(set(tokens)) == 10
+        tokens = [TokenUtils.generate_api_token() for _ in range(UNIQUE_TOKENS_COUNT)]
+        assert len(set(tokens)) == UNIQUE_TOKENS_COUNT
 
-    def test_is_token_expired_none(self):
+    def test_is_token_expired_none(self) -> None:
         """Test token expiration check with None expires_at."""
         result = TokenUtils.is_token_expired(None)
         assert result is False
 
-    def test_is_token_expired_future_naive(self):
+    def test_is_token_expired_future_naive(self) -> None:
         """Test token expiration check with future naive datetime."""
         # Use UTC time for naive datetime (as the function assumes)
-        expires_at = datetime.utcnow() + timedelta(hours=1)
+        expires_at = datetime.now(UTC) + timedelta(hours=1)
         result = TokenUtils.is_token_expired(expires_at)
         assert result is False
 
-    def test_is_token_expired_past_naive(self):
+    def test_is_token_expired_past_naive(self) -> None:
         """Test token expiration check with past naive datetime."""
         # Use UTC time for naive datetime (as the function assumes)
-        expires_at = datetime.utcnow() - timedelta(hours=1)
+        expires_at = datetime.now(UTC) - timedelta(hours=1)
         result = TokenUtils.is_token_expired(expires_at)
         assert result is True
 
-    def test_is_token_expired_future_aware(self):
+    def test_is_token_expired_future_aware(self) -> None:
         """Test token expiration check with future timezone-aware datetime."""
         expires_at = datetime.now(UTC) + timedelta(hours=1)
         result = TokenUtils.is_token_expired(expires_at)
         assert result is False
 
-    def test_is_token_expired_past_aware(self):
+    def test_is_token_expired_past_aware(self) -> None:
         """Test token expiration check with past timezone-aware datetime."""
         expires_at = datetime.now(UTC) - timedelta(hours=1)
         result = TokenUtils.is_token_expired(expires_at)
         assert result is True
 
-    def test_is_token_expired_edge_case_now(self):
+    def test_is_token_expired_edge_case_now(self) -> None:
         """Test token expiration check with time very close to now."""
         # Token expires in 1 second
         expires_at = datetime.now(UTC) + timedelta(seconds=1)
@@ -68,10 +72,8 @@ class TestTokenUtils:
         result = TokenUtils.is_token_expired(expires_at)
         assert result is True
 
-    def test_is_token_expired_timezone_conversion(self):
+    def test_is_token_expired_timezone_conversion(self) -> None:
         """Test token expiration check with different timezone."""
-        from zoneinfo import ZoneInfo
-
         # Create a datetime in a different timezone
         eastern = ZoneInfo("US/Eastern")
         expires_at = datetime.now(eastern) + timedelta(hours=1)