Auth Service Tests
Overview
Integration tests for the auth-service, testing complete user flows against a live service.
Running Tests
cd /backend
make test auth
Test Configuration
- Base URL: http://localhost:80/api/auth (via gateway)
- Email Domain: @test.vislagps.com (generated per test)
- Environment: Requires ENVIRONMENT=dev for token extraction
Test Flows
| Test Class | Description |
|---|---|
| TestBasicRegistrationFlow | health → register → verify → login → profile → delete |
| TestResendVerificationFlow | register → resend → old token fails → new token works |
| TestUnverifiedLoginFailFlow | login before verify fails (403) → verify → login succeeds |
| TestLogoutFlow | logout → token blacklisted → profile fails (401) |
| TestPasswordResetFlow | reset → update password → old fails → new works |
| TestTwoFactorFlow | setup 2FA → verify → logout → 2FA login required |
| TestTwoFactorBackupCodeFlow | 2FA → login with backup code instead of TOTP |
| TestTwoFactorRegenerateFlow | regenerate → old codes fail → new codes work |
| TestTwoFactorDisableFlow | disable 2FA → login no longer requires 2FA |
| TestInvalidCredentialsFlow | wrong password → 401 |
| TestNonexistentUserFlow | login nonexistent → 401 |
| TestInvalidTokensFlow | invalid verify/reset tokens → 400 |
| TestWeakPasswordFlow | weak password → 400 |
| TestTermsNotAcceptedFlow | terms=false → 400 |
Helper Functions
Located in tests/helpers.py:
| Function | Description |
|---|---|
| check_health(client) | Verify service is healthy |
| register_user(client, email?, password?) | Register new user, returns verification token |
| verify_email(client, token) | Verify email with token |
| resend_verification(client, email) | Resend verification email |
| login_user(client, email, password) | Login, handles 2FA response |
| get_auth_headers(token) | Create Authorization: Bearer header |
| get_profile(client, headers) | Get user profile |
| logout_user(client, headers) | Blacklist token |
| delete_account(client, headers) | Delete user account |
| setup_2fa(client, headers) | Start 2FA setup, returns secret |
| verify_2fa(client, headers, secret) | Verify TOTP code, returns backup codes |
| regenerate_backup_codes(client, headers) | Generate new backup codes |
| disable_2fa(client, headers) | Disable 2FA |
| complete_2fa_login(client, temp_token, secret) | Complete 2FA with TOTP |
| complete_2fa_login_backup(client, temp_token, code) | Complete 2FA with backup code |
| request_password_reset(client, email) | Request reset, returns token |
| update_password(client, token, new_password) | Set new password |
Development Mode
In ENVIRONMENT=dev, responses include tokens directly:
{
  "message": "...",
  "verification_token": "abc123..." // Only in dev mode
}
This allows tests to extract tokens without email access.
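A check a test suite could run against this behaviour, as an added example that is not part of the project's own tests: it scans a response body for token fields and reports any that appear when the environment is not dev. `verification_token` is the field shown above; `reset_token`, the function names and the sample bodies are assumptions constructed for the example.

```python
import json

# "verification_token" is the field shown on this page; "reset_token" is an
# assumed name for the password-reset equivalent.
DEV_ONLY_KEYS = {"verification_token", "reset_token"}


def find_token_fields(node, path="$"):
    """Return the JSON paths of every dev-only token field under node."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            # An empty or null field leaks nothing, so only flag real values.
            if key.lower() in DEV_ONLY_KEYS and value not in (None, ""):
                hits.append(child)
            hits.extend(find_token_fields(value, child))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            hits.extend(find_token_fields(item, f"{path}[{i}]"))
    return hits


def leaked_tokens(body_text, environment):
    """Paths of token fields that must not appear outside ENVIRONMENT=dev."""
    if environment == "dev":
        return []  # dev mode returns tokens by design
    try:
        body = json.loads(body_text)
    except json.JSONDecodeError:
        return []  # a non-JSON body has no token fields to flag
    return find_token_fields(body)


# Constructed sample response bodies (not captured from the service).
DEV_BODY = '{"message": "ok", "verification_token": "abc123"}'
CLEAN_BODY = '{"message": "ok"}'
NESTED_BODY = '{"data": {"items": [{"reset_token": "r1"}]}}'

if __name__ == "__main__":
    for env, body in [("dev", DEV_BODY), ("production", DEV_BODY),
                      ("production", CLEAN_BODY), ("staging", NESTED_BODY)]:
        print(env, leaked_tokens(body, env))
```
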