from argon2 import PasswordHasher

from porchlight.authn.password import PasswordService


def test_hash_returns_argon2_string() -> None:
    service = PasswordService(hasher=PasswordHasher(time_cost=1, memory_cost=8192))
    result = service.hash("correcthorse")
    assert result.startswith("$argon2id$")


def test_verify_correct_password() -> None:
    service = PasswordService(hasher=PasswordHasher(time_cost=1, memory_cost=8192))
    hashed = service.hash("correcthorse")
    assert service.verify(hashed, "correcthorse") is True


def test_verify_wrong_password() -> None:
    service = PasswordService(hasher=PasswordHasher(time_cost=1, memory_cost=8192))
    hashed = service.hash("correcthorse")
    assert service.verify(hashed, "wrongpassword") is False


def test_verify_invalid_hash() -> None:
    service = PasswordService(hasher=PasswordHasher(time_cost=1, memory_cost=8192))
    assert service.verify("not-a-hash", "password") is False


def test_default_hasher() -> None:
    service = PasswordService()
    hashed = service.hash("test")
    assert service.verify(hashed, "test") is True