87 lines
2.4 KiB
Python
87 lines
2.4 KiB
Python
from datetime import UTC, datetime, timedelta
|
|
|
|
from porchlight.models import (
|
|
CredentialType,
|
|
MagicLink,
|
|
PasswordCredential,
|
|
User,
|
|
WebAuthnCredential,
|
|
)
|
|
|
|
# TODO: Add model validation tests:
|
|
# - Required fields reject missing values (userid, username, etc.)
|
|
# - CredentialType rejects invalid enum values
|
|
# - WebAuthnCredential requires credential_id and public_key
|
|
# - sign_count rejects negative values
|
|
|
|
|
|
def test_user_creation() -> None:
|
|
user = User(
|
|
userid="lusab-bansen",
|
|
username="alice",
|
|
)
|
|
assert user.userid == "lusab-bansen"
|
|
assert user.username == "alice"
|
|
assert user.preferred_username is None
|
|
assert user.email is None
|
|
assert user.active is True
|
|
assert user.groups == []
|
|
assert user.created_at is not None
|
|
assert user.updated_at is not None
|
|
|
|
|
|
def test_user_with_all_fields() -> None:
|
|
user = User(
|
|
userid="lusab-bansen",
|
|
username="alice",
|
|
preferred_username="Alice W.",
|
|
given_name="Alice",
|
|
family_name="Wonderland",
|
|
nickname="ally",
|
|
email="alice@example.com",
|
|
email_verified=True,
|
|
phone_number="+1234567890",
|
|
phone_number_verified=False,
|
|
picture="https://example.com/alice.jpg",
|
|
locale="en-US",
|
|
active=True,
|
|
groups=["admin", "users"],
|
|
)
|
|
assert user.given_name == "Alice"
|
|
assert user.groups == ["admin", "users"]
|
|
|
|
|
|
def test_webauthn_credential() -> None:
|
|
cred = WebAuthnCredential(
|
|
user_id="lusab-bansen",
|
|
credential_id=b"\x01\x02\x03",
|
|
public_key=b"\x04\x05\x06",
|
|
sign_count=0,
|
|
device_name="YubiKey 5",
|
|
)
|
|
assert cred.type == CredentialType.WEBAUTHN
|
|
assert cred.credential_id == b"\x01\x02\x03"
|
|
assert cred.device_name == "YubiKey 5"
|
|
|
|
|
|
def test_password_credential() -> None:
|
|
cred = PasswordCredential(
|
|
user_id="lusab-bansen",
|
|
password_hash="$argon2id$v=19$m=65536,t=3,p=4$hash",
|
|
)
|
|
assert cred.type == CredentialType.PASSWORD
|
|
assert cred.password_hash.startswith("$argon2")
|
|
|
|
|
|
def test_magic_link() -> None:
|
|
expires = datetime.now(UTC) + timedelta(hours=24)
|
|
link = MagicLink(
|
|
token="abc123def456",
|
|
username="newuser",
|
|
expires_at=expires,
|
|
)
|
|
assert link.token == "abc123def456"
|
|
assert link.username == "newuser"
|
|
assert link.used is False
|
|
assert link.created_by is None
|
|
assert link.expires_at == expires
|