cardosofelipe/fast-next-template
Template
1
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Refactor authentication services to async password handling; optimize bulk operations and queries

Browse Source 
- Updated `verify_password` and `get_password_hash` to their async counterparts to prevent event loop blocking.
- Replaced N+1 query patterns in `admin.py` and `session_async.py` with optimized bulk operations for improved performance.
- Enhanced `user_async.py` with bulk update and soft delete methods for efficient user management.
- Added eager loading support in CRUD operations to prevent N+1 query issues.
- Updated test cases with stronger password examples for better security representation.
This commit is contained in:
Felipe Cardoso
2025-11-01 03:53:22 +01:00
parent 819f3ba963
commit 3fe5d301f8
17 changed files with 397 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
backend/tests/api/test_auth_password_reset.py
View File

@@ -148,7 +148,7 @@ class TestPasswordResetConfirm:
"""Test password reset confirmation with valid token."""
# Generate valid token
token = create_password_reset_token(async_test_user.email)
new_password = "NewSecure123"
new_password = "NewSecure123!"
response = await client.post(
"/api/v1/auth/password-reset/confirm",
@@ -186,7 +186,7 @@ class TestPasswordResetConfirm:
"/api/v1/auth/password-reset/confirm",
json={
"token": token,
"new_password": "NewSecure123"
"new_password": "NewSecure123!"
}
)
@@ -204,7 +204,7 @@ class TestPasswordResetConfirm:
"/api/v1/auth/password-reset/confirm",
json={
"token": "invalid_token_xyz",
"new_password": "NewSecure123"
"new_password": "NewSecure123!"
}
)
@@ -233,7 +233,7 @@ class TestPasswordResetConfirm:
"/api/v1/auth/password-reset/confirm",
json={
"token": tampered,
"new_password": "NewSecure123"
"new_password": "NewSecure123!"
}
)
@@ -249,7 +249,7 @@ class TestPasswordResetConfirm:
"/api/v1/auth/password-reset/confirm",
json={
"token": token,
"new_password": "NewSecure123"
"new_password": "NewSecure123!"
}
)
@@ -276,7 +276,7 @@ class TestPasswordResetConfirm:
"/api/v1/auth/password-reset/confirm",
json={
"token": token,
"new_password": "NewSecure123"
"new_password": "NewSecure123!"
}
)
@@ -315,7 +315,7 @@ class TestPasswordResetConfirm:
# Missing token
response = await client.post(
"/api/v1/auth/password-reset/confirm",
json={"new_password": "NewSecure123"}
json={"new_password": "NewSecure123!"}
)
assert response.status_code == status.HTTP_422_UNPROCESSABLE_ENTITY
@@ -340,7 +340,7 @@ class TestPasswordResetConfirm:
"/api/v1/auth/password-reset/confirm",
json={
"token": token,
"new_password": "NewSecure123"
"new_password": "NewSecure123!"
}
)
@@ -354,7 +354,7 @@ class TestPasswordResetConfirm:
async def test_password_reset_full_flow(self, client, async_test_user, async_test_db):
"""Test complete password reset flow."""
original_password = async_test_user.password_hash
new_password = "BrandNew123"
new_password = "BrandNew123!"
# Step 1: Request password reset
with patch('app.api.routes.auth.email_service.send_password_reset_email') as mock_send: