import time
import pytest
from app.utils.security import create_upload_token, verify_upload_token


def test_upload_token_creation():
    """Test that upload tokens can be created with expected fields."""
    file_path = "images/test.jpg"
    content_type = "image/jpeg"

    token = create_upload_token(file_path, content_type)

    assert token is not None
    assert isinstance(token, str)
    assert len(token) > 0


def test_upload_token_verification():
    """Test that created tokens can be verified."""
    file_path = "images/test.jpg"
    content_type = "image/jpeg"

    token = create_upload_token(file_path, content_type)
    payload = verify_upload_token(token)

    assert payload is not None
    assert payload["path"] == file_path
    assert payload["content_type"] == content_type
    assert payload["exp"] > int(time.time())


def test_upload_token_expiration():
    """Test that expired tokens are rejected."""
    file_path = "images/test.jpg"
    content_type = "image/jpeg"

    # Create a token that expires in 1 second
    token = create_upload_token(file_path, content_type, expires_in=1)

    # Wait for it to expire
    time.sleep(2)

    payload = verify_upload_token(token)
    assert payload is None


def test_upload_token_tampered():
    """Test that tampered tokens are rejected."""
    file_path = "images/test.jpg"
    content_type = "image/jpeg"

    token = create_upload_token(file_path, content_type)

    # Tamper with the token
    tampered_token = token[:-5] + "XXXXX"

    payload = verify_upload_token(tampered_token)
    assert payload is None