Auth Service Tests
Overview
Integration tests for the auth-service, testing complete user flows against a live service.
Running Tests
cd /backend
make test auth
Test Configuration
- Base URL: http://localhost:80/api/auth (via gateway)
- Email Domain: @test.vislagps.com (generated per test)
- Environment: Requires ENVIRONMENT=dev for token extraction
Test Flows
| Test Class | Description |
|---|---|
| TestBasicRegistrationFlow | health → register → verify → login → profile → delete |
| TestResendVerificationFlow | register → resend → old token fails → new token works |
| TestUnverifiedLoginFailFlow | login before verify fails (403) → verify → login succeeds |
| TestLogoutFlow | logout → token blacklisted → profile fails (401) |
| TestPasswordResetFlow | reset → update password → old fails → new works |
| TestTwoFactorFlow | setup 2FA → verify → logout → 2FA login required |
| TestTwoFactorBackupCodeFlow | 2FA → login with backup code instead of TOTP |
| TestTwoFactorRegenerateFlow | regenerate → old codes fail → new codes work |
| TestTwoFactorDisableFlow | disable 2FA → login no longer requires 2FA |
| TestInvalidCredentialsFlow | wrong password → 401 |
| TestNonexistentUserFlow | login nonexistent → 401 |
| TestInvalidTokensFlow | invalid verify/reset tokens → 400 |
| TestWeakPasswordFlow | weak password → 400 |
| TestTermsNotAcceptedFlow | terms=false → 400 |
Helper Functions
Located in tests/helpers.py:
| Function | Description |
|---|---|
| check_health(client) | Verify service is healthy |
| register_user(client, email?, password?) | Register new user, returns verification token |
| verify_email(client, token) | Verify email with token |
| resend_verification(client, email) | Resend verification email |
| login_user(client, email, password) | Login, handles 2FA response |
| get_auth_headers(token) | Create Authorization: Bearer header |
| get_profile(client, headers) | Get user profile |
| logout_user(client, headers) | Blacklist token |
| delete_account(client, headers) | Delete user account |
| setup_2fa(client, headers) | Start 2FA setup, returns secret |
| verify_2fa(client, headers, secret) | Verify TOTP code, returns backup codes |
| regenerate_backup_codes(client, headers) | Generate new backup codes |
| disable_2fa(client, headers) | Disable 2FA |
| complete_2fa_login(client, temp_token, secret) | Complete 2FA with TOTP |
| complete_2fa_login_backup(client, temp_token, code) | Complete 2FA with backup code |
| request_password_reset(client, email) | Request reset, returns token |
| update_password(client, token, new_password) | Set new password |
Development Mode
In ENVIRONMENT=dev, responses include tokens directly:
{
  "message": "...",
  "verification_token": "abc123..." // Only in dev mode
}
This allows tests to extract tokens without email access.
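Because dev mode places tokens in response bodies, any deployment running with another ENVIRONMENT value should never return them. The sketch below is an added example, not code from the auth-service: it shows a fail-closed gate for the dev-only field and a recursive scan that a smoke test could run over captured responses. The function names and the reset_token field name are assumptions; only verification_token appears on this page.

```python
"""Added example: fail-closed gating of dev-only token fields plus a leak scan."""
import json

# Field names treated as secrets. "verification_token" is from the page;
# "reset_token" is an assumed name for the password-reset equivalent.
TOKEN_FIELDS = frozenset({"verification_token", "reset_token"})


def build_response(message, token, environment):
    """Return the response body; attach the token only when environment is exactly 'dev'."""
    body = {"message": message}
    # Fail closed: None, "", "DEV", "development" and "production" all omit the token.
    if environment == "dev":
        body["verification_token"] = token
    return body


def find_token_fields(payload, fields=TOKEN_FIELDS, path="$"):
    """Recursively list JSON paths whose key is a token field with a non-empty value."""
    hits = []
    if isinstance(payload, dict):
        for key, value in payload.items():
            child = f"{path}.{key}"
            if key.lower() in fields and value not in (None, ""):
                hits.append(child)
            hits.extend(find_token_fields(value, fields, child))
    elif isinstance(payload, list):
        for index, item in enumerate(payload):
            hits.extend(find_token_fields(item, fields, f"{path}[{index}]"))
    return hits


def assert_no_token_leak(raw_body, environment):
    """Raise if a response captured outside dev mode carries a token field."""
    leaks = find_token_fields(json.loads(raw_body))
    if environment != "dev" and leaks:
        raise AssertionError(f"token exposed outside dev mode at {leaks}")
    return leaks


if __name__ == "__main__":
    # Constructed sample bodies, not captured from the real service.
    dev_body = json.dumps(build_response("registered", "abc123", "dev"))
    prod_body = json.dumps(build_response("registered", "abc123", "production"))
    nested = json.dumps({"data": [{"user": {"reset_token": "r-1"}}]})
    print(assert_no_token_leak(dev_body, "dev"))
    print(assert_no_token_leak(prod_body, "production"))
    print(find_token_fields(json.loads(nested)))
```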