feat: Implement random password and token generation for tests

2025-11-12 11:53:44 +01:00
parent 3bdae3c54c
commit e06a6ae068
8 changed files with 83 additions and 41 deletions
--- a/tests/test_dependencies_guards.py
+++ b/tests/test_dependencies_guards.py
@@ -16,6 +16,7 @@ from dependencies import (
 )
 from models import Project, Scenario, User
 from services.session import AuthSession, SessionTokens
+from tests.utils.security import random_password, random_token


@pytest.fixture()
@@ -40,7 +41,7 @@ def _create_user(
    user = User(
        email=f"{_unique('user')}@example.com",
        username=_unique('user'),
-        password_hash=User.hash_password("password"),
+        password_hash=User.hash_password(random_password()),
        is_active=is_active,
        is_superuser=is_superuser,
    )
@@ -76,11 +77,12 @@ def test_require_current_user_returns_authenticated_user():
    user = User(
        email="user@example.com",
        username="user",
-        password_hash=User.hash_password("password"),
+        password_hash=User.hash_password(random_password()),
        is_active=True,
    )
-    session = AuthSession(tokens=SessionTokens(
-        access_token="token", refresh_token=None))
+    session = AuthSession(
+        tokens=SessionTokens(access_token=random_token(), refresh_token=None)
+    )
    session.user = user

    result = require_current_user(session=session)
@@ -99,10 +101,11 @@ def test_require_current_user_raises_when_session_missing():


 def test_require_authenticated_user_blocks_inactive_users():
+    inactive_password = random_password()
    user = User(
        email="user@example.com",
        username="user",
-        password_hash=User.hash_password("password"),
+        password_hash=User.hash_password(inactive_password),
        is_active=False,
    )