Refactor tests for improved readability and fixture consistency

- Reformatted headers in E2E tests to improve readability and ensure consistent style. - Updated confidential client fixture to use bcrypt for secret hashing, enhancing security and testing backward compatibility with legacy SHA-256 hashes. - Added new test cases for PKCE verification, rejecting insecure 'plain' methods, and improved error handling. - Refined session workflows and user agent handling in E2E tests for session management. - Consolidated schema operation tests and fixed minor formatting inconsistencies.
2025-11-26 00:13:53 +01:00
parent 400d6f6f75
commit 0ea428b718
6 changed files with 112 additions and 38 deletions
--- a/backend/tests/e2e/test_session_workflows.py
+++ b/backend/tests/e2e/test_session_workflows.py
@@ -23,7 +23,10 @@ pytestmark = [


 async def register_and_login(
-    client, email: str, password: str = "SecurePassword123!", user_agent: str = None
+    client,
+    email: str,
+    password: str = "SecurePassword123!",  # noqa: S107
+    user_agent: str | None = None,
 ):
    """Helper to register a user and get tokens."""
    await client.post(
@@ -117,13 +120,12 @@ class TestSessionListingWorkflows:
            )
        ).json()

-        tokens2 = (
-            await e2e_client.post(
-                "/api/v1/auth/login",
-                json={"email": email, "password": password},
-                headers={"User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_0)"},
-            )
-        ).json()
+        # Second login to create another session
+        await e2e_client.post(
+            "/api/v1/auth/login",
+            json={"email": email, "password": password},
+            headers={"User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_0)"},
+        )

        # Check sessions using first token
        response = await e2e_client.get(
@@ -162,12 +164,11 @@ class TestSessionRevocationWorkflows:
            )
        ).json()

-        tokens2 = (
-            await e2e_client.post(
-                "/api/v1/auth/login",
-                json={"email": email, "password": password},
-            )
-        ).json()
+        # Second login to create another session
+        await e2e_client.post(
+            "/api/v1/auth/login",
+            json={"email": email, "password": password},
+        )

        # Get sessions
        sessions_resp = await e2e_client.get(