Feature: Testes adicionados

IkeSalmonson · IkeSalmonson · commit 16bcbb754841 · 2025-08-26T16:19:51.000-03:00
diff --git a/app/routers/authentication.py b/app/routers/authentication.py
@@ -6,7 +6,7 @@
 from jwt.exceptions import InvalidTokenError
 from sqlmodel.ext.asyncio.session import AsyncSession
 
-from app.schemas import Token, TokenPayload
+from app.schemas import Community, Token, TokenPayload
 from app.services import auth
 from app.services.database.models import Community as DBCommunity
 from app.services.database.orm.community import get_community_by_username
@@ -107,7 +107,7 @@ async def login_for_access_token(
             "expires_in": expires_in,
         }
 
-    @router.get("/me", response_model=DBCommunity)
+    @router.get("/me", response_model=Community)
     async def read_community_me(
         current_community: Annotated[
             DBCommunity, Depends(get_current_active_community)
diff --git a/tests/test_auth.py b/tests/test_auth.py
@@ -1,21 +1,22 @@
 import pytest
 import pytest_asyncio
+from fastapi import status
+from httpx import AsyncClient
 from services.database.models import Community
-from sqlmodel import select
 from sqlmodel.ext.asyncio.session import AsyncSession
 
-from httpx import AsyncClient
-from fastapi import status
-from typing import Mapping
 from app.services.auth import hash_password
 
 password = "123Asd!@#"
 
-## gerar usuario para autenticação
+
+# gerar usuario para autenticação
 @pytest_asyncio.fixture
 async def community(session: AsyncSession):
-    hashed_password=hash_password(password)
-    community = Community(username="username", email="username@test.com", password=hashed_password)
+    hashed_password = hash_password(password)
+    community = Community(
+        username="username", email="username@test.com", password=hashed_password
+    )
     session.add(community)
     await session.commit()
     await session.refresh(community)
@@ -24,23 +25,20 @@ async def community(session: AsyncSession):
 
 @pytest.mark.asyncio
 async def test_authentication_token_endpoint(
-    async_client: AsyncClient, 
-    community: Community # Adicionando a comunidade do fixture
+    async_client: AsyncClient,
+    community: Community,  # Adicionando a comunidade do fixture
 ):
     """
     Testa o endpoint de login (/token) com credenciais válidas e inválidas.
     """
     # 1. Teste de login com credenciais válidas
     # O OAuth2PasswordRequestForm espera 'username' e 'password'
-    form_data = {
-        "username": community.username, 
-        "password":  password
-    }
-    
+    form_data = {"username": community.username, "password": password}
+
     response = await async_client.post(
         "/api/authentication/token",
         data=form_data,
-        headers={"Content-Type": "application/x-www-form-urlencoded"}
+        headers={"Content-Type": "application/x-www-form-urlencoded"},
     )
 
     # Validar a resposta
@@ -51,17 +49,77 @@ async def test_authentication_token_endpoint(
 
     # 2. Teste de login com credenciais inválidas
     invalid_form_data = {
-        "username": "wrong_username", 
-        "password": "wrong_password"
+        "username": "wrong_username",
+        "password": "wrong_password",
     }
 
     response_invalid = await async_client.post(
         "/api/authentication/token",
         data=invalid_form_data,
-        headers={"Content-Type": "application/x-www-form-urlencoded"}
+        headers={"Content-Type": "application/x-www-form-urlencoded"},
     )
-    
+
     # Validar que o status é 401 Unauthorized
     assert response_invalid.status_code == status.HTTP_401_UNAUTHORIZED
     assert response_invalid.json()["detail"] == "Credenciais inválidas"
 
+
+@pytest.mark.asyncio
+async def test_community_me_with_valid_token(
+    async_client: AsyncClient, community: Community
+):
+    """
+    Testa se o endpoint protegido /authenticate/me/ retorna os dados do usuário com um token válido.
+    """
+    # 1. Obter um token de acesso primeiro
+    form_data = {
+        "grant_type": "password",
+        "username": community.username,
+        "password": password,
+    }
+    token_response = await async_client.post(
+        "/api/authentication/token",
+        data=form_data,
+        headers={"Content-Type": "application/x-www-form-urlencoded"},
+    )
+    assert token_response.status_code == status.HTTP_200_OK
+    token = token_response.json()["access_token"]
+
+    # 2. Acessar o endpoint protegido com o token
+    headers = {"Authorization": f"Bearer {token}"}
+    response = await async_client.get("/api/authentication/me", headers=headers)
+
+    # Validar a resposta
+    assert response.status_code == status.HTTP_200_OK
+    user_data = response.json()
+    assert user_data["username"] == community.username
+    assert user_data["email"] == community.email
+    # Assegurar que a senha não é retornada na resposta
+    assert "password" not in user_data
+
+
+@pytest.mark.asyncio
+async def test_community_me_without_token(async_client: AsyncClient):
+    """
+    Testa se o endpoint protegido authentication/me/ retorna um erro 401 sem um token de acesso.
+    """
+    response = await async_client.get("/api/authentication/me")
+
+    # Validar a resposta
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert "detail" in response.json()
+    assert response.json()["detail"] == "Not authenticated"
+
+
+@pytest.mark.asyncio
+async def test_community_me_with_bad_token(async_client: AsyncClient):
+    """
+    Testa se o endpoint protegido authentication/me/ retorna um erro 401 sem um token de acesso.
+    """
+    headers = {"Authorization": "Bearer WrongToken"}
+    response = await async_client.get("/api/authentication/me", headers=headers)
+
+    # Validar a resposta
+    assert response.status_code == status.HTTP_401_UNAUTHORIZED
+    assert "detail" in response.json()
+    assert response.json()["detail"] == "Could not validate credentials"
