from datetime import UTC, datetime from argon2 import PasswordHasher from httpx import AsyncClient from porchlight.authn.password import PasswordService from porchlight.models import PasswordCredential, User from tests.conftest import get_csrf_token async def _login(client: AsyncClient, username: str = "alice", password: str = "testpass") -> None: """Helper: create user + password credential and log in via POST /login/password.""" app = client._transport.app # type: ignore[union-attr] user_repo = app.state.user_repo cred_repo = app.state.credential_repo user = await user_repo.get_by_username(username) if user is None: user = User( userid="lusab-bansen", username=username, created_at=datetime.now(UTC), updated_at=datetime.now(UTC) ) await user_repo.create(user) svc = PasswordService(hasher=PasswordHasher(time_cost=1, memory_cost=8192)) existing = await cred_repo.get_password_by_user(user.userid) if existing is None: await cred_repo.create_password(PasswordCredential(user_id=user.userid, password_hash=svc.hash(password))) token = await get_csrf_token(client) await client.post( "/login/password", data={"username": username, "password": password}, headers={"HX-Request": "true", "X-CSRF-Token": token}, ) async def test_manage_credentials_requires_login(client: AsyncClient) -> None: res = await client.get("/manage/credentials", follow_redirects=False) assert res.status_code in (302, 303) assert res.headers["location"] == "/login" async def test_manage_credentials_renders_for_logged_in_user(client: AsyncClient) -> None: await _login(client) res = await client.get("/manage/credentials") assert res.status_code == 200 assert "Credentials" in res.text async def test_manage_credentials_shows_setup_banner(client: AsyncClient) -> None: await _login(client) res = await client.get("/manage/credentials?setup=1") assert res.status_code == 200 assert "Welcome" in res.text or "setup" in res.text.lower()