test: add pytest suite covering auth, invites, admin and OIDC flows (59 tests)

tests/conftest.py

@@ -0,0 +1,64 @@
+"""Shared fixtures for bincio-auth tests."""
+
+from __future__ import annotations
+
+import pytest
+from fastapi.testclient import TestClient
+
+from bincio.auth import deps
+from bincio.auth.db import create_invite, create_user, open_db
+from bincio.auth.server import app
+
+
+@pytest.fixture(autouse=True)
+def _reset_deps(tmp_path):
+    """Isolate each test: fresh DB, clean module state."""
+    deps.data_dir = tmp_path
+    deps.jwt_secret = "test-secret-32-bytes-long-enough!"
+    deps._db = None
+    deps.oidc_private_key_pem = ""
+    deps.oidc_issuer = ""
+    deps._login_attempts.clear()
+    deps._register_attempts.clear()
+    yield
+    if deps._db is not None:
+        deps._db.close()
+    deps._db = None
+
+
+@pytest.fixture()
+def db():
+    return deps._get_db()
+
+
+@pytest.fixture()
+def client():
+    return TestClient(app, raise_server_exceptions=True)
+
+
+@pytest.fixture()
+def admin(db):
+    return create_user(db, "admin", "Admin", "adminpass1", is_admin=True)
+
+
+@pytest.fixture()
+def user(db):
+    return create_user(db, "alice", "Alice", "alicepass1")
+
+
+@pytest.fixture()
+def invite(db, admin):
+    return create_invite(db, admin.handle)
+
+
+def login(client: TestClient, handle: str, password: str) -> str:
+    """Helper: POST /api/auth/login and return the session cookie value."""
+    r = client.post("/api/auth/login", json={"handle": handle, "password": password})
+    assert r.status_code == 200
+    return r.cookies["bincio_session"]
+
+
+def auth_cookies(handle: str, password: str, client: TestClient) -> dict:
+    """Return a cookies dict suitable for authenticated requests."""
+    token = login(client, handle, password)
+    return {"bincio_session": token}