social-app/backend/tests/unit/v1/auth/test_auth_models.py

from __future__ import annotations

import pytest
from pydantic import ValidationError

from v1.auth.schemas import (
    AuthUser,
    SessionCreateRequest,
    SessionRefreshRequest,
    SessionResponse,
    VerificationCreateRequest,
    VerificationVerifyRequest,
    VerificationResendRequest,
)


def test_signup_requires_valid_email() -> None:
    with pytest.raises(ValidationError):
        VerificationCreateRequest(
            username="demo", email="not-an-email", password="secret123"
        )


def test_signup_requires_username() -> None:
    with pytest.raises(ValidationError):
        VerificationCreateRequest.model_validate(
            {"email": "user@example.com", "password": "secret123"}
        )


def test_signup_allows_any_invite_code_input() -> None:
    request = VerificationCreateRequest(
        username="demo",
        email="user@example.com",
        password="secret123",
        invite_code="abc123",
    )

    assert request.invite_code == "abc123"


def test_signup_verify_requires_six_digit_token() -> None:
    with pytest.raises(ValidationError):
        VerificationVerifyRequest(email="user@example.com", token="abc123")


def test_signup_verify_disallows_new_password() -> None:
    with pytest.raises(ValidationError):
        VerificationVerifyRequest(
            type="signup",
            email="user@example.com",
            token="123456",
            new_password="secret123",
        )


def test_recovery_verify_requires_new_password() -> None:
    with pytest.raises(ValidationError):
        VerificationVerifyRequest(
            type="recovery",
            email="user@example.com",
            token="123456",
        )


def test_signup_resend_requires_valid_email() -> None:
    with pytest.raises(ValidationError):
        VerificationResendRequest(email="invalid")


def test_login_requires_valid_email() -> None:
    with pytest.raises(ValidationError):
        SessionCreateRequest(email="invalid", password="secret123")


def test_refresh_requires_token() -> None:
    with pytest.raises(ValidationError):
        SessionRefreshRequest(refresh_token="")


def test_session_response_maps_user() -> None:
    user = AuthUser(id="user-1", email="user@example.com")
    response = SessionResponse(
        access_token="access",
        refresh_token="refresh",
        expires_in=3600,
        token_type="bearer",
        user=user,
    )

    assert response.user.id == "user-1"
    assert response.user.email == "user@example.com"