lundberg/porchlight
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

test: add failing test for registering pre-existing users

Browse source 
Part of CLI module work (fastapi-oidc-op-9lb.1). The test verifies that
/register/{token} handles users already created by initial-admin.
This commit is contained in:
Johan Lundberg 2026-02-17 14:09:00 +01:00
parent 8aebd04d2a
commit 1c21d6d199
No known key found for this signature in database
GPG key ID: A6C152738D03C7D1
1 changed files with 37 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

38
tests/test_auth_routes/test_register_magic_link.py
View file

@ -2,7 +2,7 @@ from datetime import UTC, datetime, timedelta
from httpx import AsyncClient
from porchlight.models import MagicLink
from porchlight.models import MagicLink, User
async def test_register_invalid_token_returns_error_page(client: AsyncClient) -> None:
@ -70,3 +70,39 @@ async def test_register_used_token_returns_error(client: AsyncClient) -> None:
res = await client.get("/register/used", follow_redirects=False)
assert res.status_code == 400
async def test_register_existing_user_logs_in_and_redirects(client: AsyncClient) -> None:
"""When initial-admin creates a user, the invite link should log them in."""
app = client._transport.app # type: ignore[union-attr]
magic_link_repo = app.state.magic_link_repo
user_repo = app.state.user_repo
# Pre-create the user (as initial-admin would)
user = User(userid="lusab-bansen", username="admin", groups=["admin", "users"])
await user_repo.create(user)
# Create invite for the same username
await magic_link_repo.create(
MagicLink(
token="admin-setup",
username="admin",
expires_at=datetime.now(UTC) + timedelta(hours=1),
)
)
res = await client.get("/register/admin-setup", follow_redirects=False)
assert res.status_code in (302, 303)
assert "/manage/credentials" in res.headers["location"]
assert "setup=1" in res.headers["location"]
# Token should be marked used
link = await magic_link_repo.get_by_token("admin-setup")
assert link is not None
assert link.used is True
# Original user should still exist with original groups
existing = await user_repo.get_by_username("admin")
assert existing is not None
assert existing.userid == "lusab-bansen"
assert "admin" in existing.groups