feat: add authentication routes with session login, WebAuthn, and credential management
Implement Phase 4 auth routes: password login/logout, WebAuthn registration and authentication, magic link registration, and credential management pages with HTMX. Includes session middleware, Jinja2 templates, vendored HTMX, and last-credential guardrails. 120 tests passing.
This commit is contained in:
parent
f7ed2cf54d
commit
e15dcc4745
23 changed files with 1440 additions and 2 deletions
38
tests/test_auth_routes/test_session_deps.py
Normal file
38
tests/test_auth_routes/test_session_deps.py
Normal file
|
|
@ -0,0 +1,38 @@
|
|||
from unittest.mock import MagicMock
|
||||
|
||||
import pytest
|
||||
from fastapi import HTTPException
|
||||
|
||||
from fastapi_oidc_op.dependencies import get_session_user, require_session_user
|
||||
|
||||
|
||||
def test_get_session_user_none_when_missing() -> None:
|
||||
request = MagicMock()
|
||||
request.session = {}
|
||||
assert get_session_user(request) is None
|
||||
|
||||
|
||||
def test_get_session_user_returns_tuple() -> None:
|
||||
request = MagicMock()
|
||||
request.session = {"userid": "u1", "username": "alice"}
|
||||
assert get_session_user(request) == ("u1", "alice")
|
||||
|
||||
|
||||
def test_get_session_user_none_when_partial() -> None:
|
||||
request = MagicMock()
|
||||
request.session = {"userid": "u1"} # missing username
|
||||
assert get_session_user(request) is None
|
||||
|
||||
|
||||
def test_require_session_user_raises_when_missing() -> None:
|
||||
request = MagicMock()
|
||||
request.session = {}
|
||||
with pytest.raises(HTTPException) as exc_info:
|
||||
require_session_user(request)
|
||||
assert exc_info.value.status_code == 401
|
||||
|
||||
|
||||
def test_require_session_user_returns_tuple() -> None:
|
||||
request = MagicMock()
|
||||
request.session = {"userid": "u1", "username": "alice"}
|
||||
assert require_session_user(request) == ("u1", "alice")
|
||||
Loading…
Add table
Add a link
Reference in a new issue