diff --git a/README.md b/README.md index 916fd005..8dd7c869 100644 --- a/README.md +++ b/README.md @@ -86,3 +86,5 @@ Note: This project integrates with third-party APIs. You will need to obtain the We <3 contributions big and small: - Submit a [feature request](https://github.com/chapter-gtm/chapter/issues/new?assignees=&labels=&projects=&template=feature_request.md&title=) or [bug report](https://github.com/chapter-gtm/chapter/issues/new?assignees=&labels=&projects=&template=bug_report.md&title=) + +# Test diff --git a/chapter_api_tests/0.2.0/validation/test_post_api-access-login.py b/chapter_api_tests/0.2.0/validation/test_post_api-access-login.py new file mode 100644 index 00000000..f88ef79e --- /dev/null +++ b/chapter_api_tests/0.2.0/validation/test_post_api-access-login.py @@ -0,0 +1,133 @@ +import os +import pytest +import httpx + +API_BASE_URL = os.getenv('API_BASE_URL') + + +@pytest.mark.asyncio +async def test_login_success(): + url = f'{API_BASE_URL}/api/access/login' + payload = {'username': 'testuser', 'password': 'testpass'} + response = await httpx.post(url, json=payload) + + assert response.status_code == 201 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert 'access_token' in data + assert 'token_type' in data + + +@pytest.mark.asyncio +async def test_login_missing_username(): + url = f'{API_BASE_URL}/api/access/login' + payload = {'password': 'testpass'} + response = await httpx.post(url, json=payload) + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_missing_password(): + url = f'{API_BASE_URL}/api/access/login' + payload = {'username': 'testuser'} + response = await httpx.post(url, json=payload) + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_invalid_credentials(): + url = f'{API_BASE_URL}/api/access/login' + payload = {'username': 'invaliduser', 'password': 'wrongpass'} + response = await httpx.post(url, json=payload) + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_empty_payload(): + url = f'{API_BASE_URL}/api/access/login' + payload = {} + response = await httpx.post(url, json=payload) + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_large_payload(): + url = f'{API_BASE_URL}/api/access/login' + payload = {'username': 'testuser', 'password': 'testpass' * 1000} + response = await httpx.post(url, json=payload) + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_unauthorized(): + url = f'{API_BASE_URL}/api/access/login' + payload = {'username': 'testuser', 'password': 'wrongpass'} + response = await httpx.post(url, json=payload) + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_forbidden(): + url = f'{API_BASE_URL}/api/access/login' + payload = {'username': 'forbiddenuser', 'password': 'forbiddenpass'} + response = await httpx.post(url, json=payload) + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_malformed_request(): + url = f'{API_BASE_URL}/api/access/login' + response = await httpx.post(url, data='malformed data') + + assert response.status_code == 400 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert data['status_code'] == 400 + assert data['detail'] == 'Bad Request' + + +@pytest.mark.asyncio +async def test_login_server_error(): + url = f'{API_BASE_URL}/api/access/login' + # Simulate server error by sending a request to an invalid endpoint + response = await httpx.post(url + '/invalid', json={'username': 'testuser', 'password': 'testpass'}) + + assert response.status_code == 404 + assert response.headers['Content-Type'] == 'application/json' + data = response.json() + assert 'detail' in data