Add comprehensive tests for session cleanup and async CRUD operations; improve error handling and validation across schemas and API routes

- Introduced extensive tests for session cleanup, async session CRUD methods, and concurrent cleanup to ensure reliability and efficiency. - Enhanced `schemas/users.py` with reusable password strength validation logic. - Improved error handling in `admin.py` routes by replacing `detail` with `message` for consistency and readability.
2025-11-01 05:22:45 +01:00
parent c79b76be41
commit 035e6af446
11 changed files with 3644 additions and 88 deletions
--- a/backend/tests/api/test_auth_endpoints.py
+++ b/backend/tests/api/test_auth_endpoints.py
@@ -326,59 +326,3 @@ class TestRefreshTokenEndpoint:
            )

            assert response.status_code == status.HTTP_500_INTERNAL_SERVER_ERROR
-
-
-class TestGetCurrentUserEndpoint:
-    """Tests for GET /auth/me endpoint."""
-
-    @pytest.mark.asyncio
-    async def test_get_current_user_success(self, client, async_test_user):
-        """Test getting current user info."""
-        # First, login to get an access token
-        login_response = await client.post(
-            "/api/v1/auth/login",
-            json={
-                "email": async_test_user.email,
-                "password": "TestPassword123!"
-            }
-        )
-        access_token = login_response.json()["access_token"]
-
-        # Get current user info
-        response = await client.get(
-            "/api/v1/auth/me",
-            headers={"Authorization": f"Bearer {access_token}"}
-        )
-
-        assert response.status_code == status.HTTP_200_OK
-        data = response.json()
-        assert data["email"] == async_test_user.email
-        assert data["first_name"] == async_test_user.first_name
-
-    @pytest.mark.asyncio
-    async def test_get_current_user_no_token(self, client):
-        """Test getting current user without token."""
-        response = await client.get("/api/v1/auth/me")
-
-        assert response.status_code == status.HTTP_401_UNAUTHORIZED
-
-    @pytest.mark.asyncio
-    async def test_get_current_user_invalid_token(self, client):
-        """Test getting current user with invalid token."""
-        response = await client.get(
-            "/api/v1/auth/me",
-            headers={"Authorization": "Bearer invalid_token"}
-        )
-
-        assert response.status_code == status.HTTP_401_UNAUTHORIZED
-
-    @pytest.mark.asyncio
-    async def test_get_current_user_expired_token(self, client):
-        """Test getting current user with expired token."""
-        # Use a clearly invalid/malformed token
-        response = await client.get(
-            "/api/v1/auth/me",
-            headers={"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.invalid"}
-        )
-
-        assert response.status_code == status.HTTP_401_UNAUTHORIZED