chapter-gtm · shrir · Feb 13, 2025 · Feb 13, 2025 · Feb 14, 2025 · Feb 14, 2025
diff --git a/README.md b/README.md
@@ -86,3 +86,38 @@ Note: This project integrates with third-party APIs. You will need to obtain the
 We <3 contributions big and small:
 
 - Submit a [feature request](https://github.com/chapter-gtm/chapter/issues/new?assignees=&labels=&projects=&template=feature_request.md&title=) or [bug report](https://github.com/chapter-gtm/chapter/issues/new?assignees=&labels=&projects=&template=bug_report.md&title=)
+
+## Test
+- 1
+- 2
+- 3
+- 4
+- 5
+- 6
+- 7
+- 8
+- 9
+- 10
+- 11
+- 12
+- 13
+- 14
+- 15
+- 16
+- 17
+- 18
+- 20
+- 21
+- 22
+- 23
+- 24
+- 25
+- 26
+- 27
+- 28
+- 29
+- 30
+- 31
+- 32
+- 33
+- 34
diff --git a/chapter_api_tests/0.2.0/validation/test_post_api-access-login.py b/chapter_api_tests/0.2.0/validation/test_post_api-access-login.py
@@ -0,0 +1,126 @@
+import os
+import pytest
+import httpx
+
+API_BASE_URL = os.getenv('API_BASE_URL')
+
+
+@pytest.mark.asyncio
+async def test_login_success():
+    url = f'{API_BASE_URL}/api/access/login'
+    payload = {'username': 'testuser', 'password': 'testpass'}
+    response = await httpx.post(url, json=payload)
+
+    assert response.status_code == 201
+    assert response.headers['Content-Type'] == 'application/json'
+    assert 'access_token' in response.json()
+    assert 'token_type' in response.json()
+
+
+@pytest.mark.asyncio
+async def test_login_missing_username():
+    url = f'{API_BASE_URL}/api/access/login'
+    payload = {'password': 'testpass'}
+    response = await httpx.post(url, json=payload)
+
+    assert response.status_code == 400
+    assert response.json()['status_code'] == 400
+    assert response.json()['detail'] == 'Bad Request'
+
+
+@pytest.mark.asyncio
+async def test_login_missing_password():
+    url = f'{API_BASE_URL}/api/access/login'
+    payload = {'username': 'testuser'}
+    response = await httpx.post(url, json=payload)
+
+    assert response.status_code == 400
+    assert response.json()['status_code'] == 400
+    assert response.json()['detail'] == 'Bad Request'
+
+
+@pytest.mark.asyncio
+async def test_login_empty_username():
+    url = f'{API_BASE_URL}/api/access/login'
+    payload = {'username': '', 'password': 'testpass'}
+    response = await httpx.post(url, json=payload)
+
+    assert response.status_code == 400
+    assert response.json()['status_code'] == 400
+    assert response.json()['detail'] == 'Bad Request'
+
+
+@pytest.mark.asyncio
+async def test_login_empty_password():
+    url = f'{API_BASE_URL}/api/access/login'
+    payload = {'username': 'testuser', 'password': ''}
+    response = await httpx.post(url, json=payload)
+
+    assert response.status_code == 400
+    assert response.json()['status_code'] == 400
+    assert response.json()['detail'] == 'Bad Request'
+
+
+@pytest.mark.asyncio
+async def test_login_invalid_credentials():
+    url = f'{API_BASE_URL}/api/access/login'
+    payload = {'username': 'invaliduser', 'password': 'wrongpass'}
+    response = await httpx.post(url, json=payload)
+
+    assert response.status_code == 400
+    assert response.json()['status_code'] == 400
+    assert response.json()['detail'] == 'Bad Request'
+
+
+@pytest.mark.asyncio
+async def test_login_large_payload():
+    url = f'{API_BASE_URL}/api/access/login'
+    payload = {'username': 'testuser', 'password': 'testpass' * 1000}
+    response = await httpx.post(url, json=payload)
+
+    assert response.status_code == 400
+    assert response.json()['status_code'] == 400
+    assert response.json()['detail'] == 'Bad Request'
+
+
+@pytest.mark.asyncio
+async def test_login_unauthorized():
+    url = f'{API_BASE_URL}/api/access/login'
+    # Assuming the API requires a token for some reason
+    headers = {'Authorization': 'Bearer invalid_token'}
+    payload = {'username': 'testuser', 'password': 'testpass'}
+    response = await httpx.post(url, json=payload, headers=headers)
+
+    assert response.status_code == 401
+
+
+@pytest.mark.asyncio
+async def test_login_forbidden():
+    url = f'{API_BASE_URL}/api/access/login'
+    # Assuming the API has some role-based access
+    headers = {'Authorization': 'Bearer forbidden_token'}
+    payload = {'username': 'testuser', 'password': 'testpass'}
+    response = await httpx.post(url, json=payload, headers=headers)
+
+    assert response.status_code == 403
+
+
+@pytest.mark.asyncio
+async def test_login_malformed_request():
+    url = f'{API_BASE_URL}/api/access/login'
+    response = await httpx.post(url, data='malformed_data')
+
+    assert response.status_code == 400
+    assert response.json()['status_code'] == 400
+    assert response.json()['detail'] == 'Bad Request'
+
+
+@pytest.mark.asyncio
+async def test_login_server_error():
+    url = f'{API_BASE_URL}/api/access/login'
+    # Simulate a server error by sending a request that triggers it
+    payload = {'username': 'testuser', 'password': 'testpass'}
+    response = await httpx.post(url, json=payload)
+
+    # Assuming the server is down or there's an internal error
+    assert response.status_code == 500
diff --git a/chapter_api_tests/0.2.0/validation/test_post_api-access-logout.py b/chapter_api_tests/0.2.0/validation/test_post_api-access-logout.py
@@ -0,0 +1,93 @@
+import os
+import pytest
+import httpx
+
+
+@pytest.fixture
+async def client():
+    base_url = os.getenv('API_BASE_URL')
+    async with httpx.AsyncClient(base_url=base_url) as client:
+        yield client
+
+
+@pytest.mark.asyncio
+async def test_logout_success(client):
+    response = await client.post('/api/access/logout')
+    assert response.status_code == 201
+    assert response.headers['Content-Type'] == 'application/json'
+    assert response.json() == {}
+
+
+@pytest.mark.asyncio
+async def test_logout_unauthorized(client):
+    response = await client.post('/api/access/logout', headers={'Authorization': 'Bearer invalid_token'})
+    assert response.status_code == 401
+    assert response.headers['Content-Type'] == 'application/json'
+    assert 'error' in response.json()
+
+
+@pytest.mark.asyncio
+async def test_logout_forbidden(client):
+    response = await client.post('/api/access/logout', headers={'Authorization': 'Bearer forbidden_token'})
+    assert response.status_code == 403
+    assert response.headers['Content-Type'] == 'application/json'
+    assert 'error' in response.json()
+
+
+@pytest.mark.asyncio
+async def test_logout_empty_response(client):
+    response = await client.post('/api/access/logout')
+    assert response.status_code == 201
+    assert response.json() == {}
+
+
+@pytest.mark.asyncio
+async def test_logout_invalid_request(client):
+    # Simulating a malformed request by sending an invalid method
+    response = await client.get('/api/access/logout')
+    assert response.status_code == 405  # Method Not Allowed
+
+
+@pytest.mark.asyncio
+async def test_logout_rate_limiting(client):
+    # Assuming the API has rate limiting, we can simulate multiple requests
+    for _ in range(10):
+        await client.post('/api/access/logout')
+    response = await client.post('/api/access/logout')
+    assert response.status_code == 429  # Too Many Requests
+
+
+@pytest.mark.asyncio
+async def test_logout_server_error(client):
+    # Simulating a server error by mocking the client (this would require a mocking library)
+    async with httpx.AsyncClient(base_url=os.getenv('API_BASE_URL')) as mock_client:
+        mock_client.post = lambda *args, **kwargs: httpx.Response(500)
+        response = await mock_client.post('/api/access/logout')
+        assert response.status_code == 500
+
+
+@pytest.mark.asyncio
+async def test_logout_edge_cases(client):
+    # Test with large payloads or empty responses if applicable
+    response = await client.post('/api/access/logout')
+    assert response.status_code == 201
+    assert response.headers['Content-Type'] == 'application/json'
+    assert response.json() == {}
+
+
+@pytest.mark.asyncio
+async def test_logout_with_valid_token(client):
+    # Assuming we have a valid token for testing
+    valid_token = 'valid_token'
+    response = await client.post('/api/access/logout', headers={'Authorization': f'Bearer {valid_token}'})
+    assert response.status_code == 201
+    assert response.headers['Content-Type'] == 'application/json'
+    assert response.json() == {}
+
+
+@pytest.mark.asyncio
+async def test_logout_with_invalid_token(client):
+    response = await client.post('/api/access/logout', headers={'Authorization': 'Bearer invalid_token'})
+    assert response.status_code == 401
+    assert response.headers['Content-Type'] == 'application/json'
+    assert 'error' in response.json()
-Original file line number
+Diff line change
@@ Expand Up @@
     We <3 contributions big and small:
     - Submit a [feature request](https://github.com/chapter-gtm/chapter/issues/new?assignees=&labels=&projects=&template=feature_request.md&title=) or [bug report](https://github.com/chapter-gtm/chapter/issues/new?assignees=&labels=&projects=&template=bug_report.md&title=)
+    ## Test
+    - 1
+    - 2
+    - 3
+    - 4
+    - 5
+    - 6
+    - 7
+    - 8
+    - 9
+    - 10
+    - 11
+    - 12
+    - 13
+    - 14
+    - 15
+    - 16
+    - 17
+    - 18
+    - 20
+    - 21
+    - 22
+    - 23
+    - 24
+    - 25
+    - 26
+    - 27
+    - 28
+    - 29
+    - 30
+    - 31
+    - 32
+    - 33
+    - 34