initial commit

Author: govinda10

.idea/.gitignore

@@ -0,0 +1,70 @@
+import pytest
+from fastapi.testclient import TestClient
+from unittest.mock import patch, MagicMock
+from app.main import app
+import json
+
+client = TestClient(app)
+
+def test_api_versioning():
+    """Test API versioning and backward compatibility."""
+    # Test current API version
+    response = client.get("/api/v1/utils/health-check/")
+    assert response.status_code == 200
+
+    # Test that v1 endpoints are available
+    assert "/api/v1/" in str(response.url) or response.status_code == 200
+
+def test_openapi_schema_validation():
+    """Test OpenAPI schema is valid and complete."""
+    response = client.get("/openapi.json")
+    assert response.status_code == 200
+
+    schema = response.json()
+    assert "openapi" in schema
+    assert "info" in schema
+    assert "paths" in schema
+
+def test_api_documentation_accessibility():
+    """Test that API documentation is accessible."""
+    docs_response = client.get("/docs")
+    redoc_response = client.get("/redoc")
+
+    # At least one documentation endpoint should be available
+    assert docs_response.status_code == 200 or redoc_response.status_code == 200
+
+def test_health_monitoring_endpoints():
+    """Test health monitoring and status endpoints."""
+    health_response = client.get("/api/v1/utils/health-check/")
+    assert health_response.status_code == 200
+
+    # Verify health check response format
+    data = health_response.json()
+    assert isinstance(data, dict)
+
+def test_api_error_response_format():
+    """Test that API errors follow consistent format."""
+    # Make request to non-existent endpoint
+    response = client.get("/api/v1/nonexistent")
+    assert response.status_code == 404
+
+    # Verify error response is JSON
+    try:
+        error_data = response.json()
+        assert isinstance(error_data, dict)
+    except json.JSONDecodeError:
+        # Some APIs might return non-JSON 404s, which is also acceptable
+        pass
+
+def test_request_id_tracking():
+    """Test request ID tracking for debugging."""
+    response = client.get("/api/v1/utils/health-check/")
+
+    # Check if request ID is present in headers (implementation dependent)
+    request_id_headers = [
+        "x-request-id", "request-id", "x-trace-id"
+    ]
+
+    has_request_id = any(header in response.headers for header in request_id_headers)
+    # This test is optional - not all APIs implement request ID tracking
+    assert response.status_code == 200  # Main assertion is that the endpoint works

.idea/vcs.xml

@@ -0,0 +1,35 @@
+import pytest
+from fastapi.testclient import TestClient
+from app.main import app
+
+client = TestClient(app)
+
+def test_cors_headers():
+    """Test CORS headers are properly set."""
+    response = client.options("/api/v1/users/me")
+    assert response.status_code in [200, 405]
+    # Check if CORS headers might be present
+    if "access-control-allow-origin" in response.headers:
+        assert response.headers["access-control-allow-origin"]
+
+def test_api_version_consistency():
+    """Test that all API endpoints use consistent versioning."""
+    # Test health check endpoint version
+    response = client.get("/api/v1/utils/health-check/")
+    assert response.status_code == 200
+
+def test_content_type_headers():
+    """Test that API returns proper content-type headers."""
+    response = client.get("/api/v1/utils/health-check/")
+    assert "application/json" in response.headers.get("content-type", "")
+
+def test_response_time_performance():
+    """Test basic response time performance."""
+    import time
+    start_time = time.time()
+    response = client.get("/api/v1/utils/health-check/")
+    end_time = time.time()
+
+    assert response.status_code == 200
+    # Response should be under 1 second for health check
+    assert (end_time - start_time) < 1.0

backend/tests/test_api_integration.py

@@ -0,0 +1,28 @@
+import pytest
+from fastapi.testclient import TestClient
+from app.main import app
+
+client = TestClient(app)
+
+def test_login_valid_credentials():
+    """Test login with valid credentials."""
+    response = client.post(
+        "/api/v1/login/access-token",
+        data={"username": "test@example.com", "password": "testpassword"}
+    )
+    assert response.status_code == 200
+    data = response.json()
+    assert "access_token" in data
+
+def test_login_invalid_credentials():
+    """Test login with invalid credentials."""
+    response = client.post(
+        "/api/v1/login/access-token",
+        data={"username": "invalid@example.com", "password": "wrongpassword"}
+    )
+    assert response.status_code == 400
+
+def test_protected_route_without_token():
+    """Test accessing protected route without token."""
+    response = client.get("/api/v1/users/me")
+    assert response.status_code == 401

backend/tests/test_api_middleware.py

@@ -0,0 +1,29 @@
+import pytest
+from fastapi.testclient import TestClient
+from app.main import app
+
+client = TestClient(app)
+
+def test_unauthorized_access():
+    """Test accessing protected endpoints without authentication."""
+    response = client.get("/api/v1/users/me")
+    assert response.status_code == 401
+
+def test_invalid_token_format():
+    """Test using malformed authorization token."""
+    headers = {"Authorization": "InvalidTokenFormat"}
+    response = client.get("/api/v1/users/me", headers=headers)
+    assert response.status_code == 401
+
+def test_expired_token():
+    """Test using expired token."""
+    # This would require creating an expired token
+    headers = {"Authorization": "Bearer expired_token_here"}
+    response = client.get("/api/v1/users/me", headers=headers)
+    assert response.status_code == 401
+
+def test_insufficient_permissions():
+    """Test accessing admin endpoints with regular user token."""
+    headers = {"Authorization": "Bearer regular_user_token"}
+    response = client.get("/api/v1/admin/users/", headers=headers)
+    assert response.status_code in [401, 403, 404]

backend/tests/test_authentication.py

@@ -0,0 +1,26 @@
+import pytest
+from unittest.mock import patch
+from app.core.config import Settings
+
+def test_settings_initialization():
+    """Test settings class initialization."""
+    settings = Settings()
+    assert hasattr(settings, 'SECRET_KEY')
+    assert hasattr(settings, 'PROJECT_NAME')
+
+def test_database_url_construction():
+    """Test database URL construction."""
+    settings = Settings()
+    # Should have postgres in the URL
+    assert 'postgresql' in str(settings.SQLALCHEMY_DATABASE_URI)
+
+def test_cors_origins_parsing():
+    """Test CORS origins parsing."""
+    with patch.dict('os.environ', {'BACKEND_CORS_ORIGINS': '["http://localhost:3000", "http://localhost:8000"]'}):
+        settings = Settings()
+        assert isinstance(settings.BACKEND_CORS_ORIGINS, list)
+
+def test_environment_validation():
+    """Test environment variable validation."""
+    settings = Settings()
+    assert settings.ENVIRONMENT in ['local', 'staging', 'production']

backend/tests/test_authorization.py

@@ -0,0 +1,38 @@
+import pytest
+from sqlalchemy.orm import Session
+from app.models import User, Item
+from app.crud import create_user, get_user, update_user, delete_user
+
+def test_create_user_crud(db: Session):
+    """Test user creation through CRUD operations."""
+    user_data = {
+        "email": "crud@example.com",
+        "password": "testpassword",
+        "full_name": "CRUD User"
+    }
+    user = create_user(db, user_data)
+    assert user.email == "crud@example.com"
+    assert user.full_name == "CRUD User"
+
+def test_get_user_by_email(db: Session):
+    """Test retrieving user by email."""
+    # First create a user
+    user_data = {
+        "email": "getuser@example.com",
+        "password": "testpassword"
+    }
+    created_user = create_user(db, user_data)
+
+    # Then retrieve it
+    retrieved_user = get_user(db, email="getuser@example.com")
+    assert retrieved_user is not None
+    assert retrieved_user.email == "getuser@example.com"
+
+def test_update_user_crud(db: Session):
+    """Test user update through CRUD operations."""
+    user_data = {"email": "update@example.com", "password": "test"}
+    user = create_user(db, user_data)
+
+    update_data = {"full_name": "Updated Name"}
+    updated_user = update_user(db, user.id, update_data)
+    assert updated_user.full_name == "Updated Name"

backend/tests/test_config.py

@@ -0,0 +1,36 @@
+import pytest
+from sqlalchemy.orm import Session
+from app.core.db import get_db
+from app.models import User
+from app.utils import generate_password_reset_token, verify_password_reset_token
+
+def test_database_connection(db: Session):
+    """Test database connection is working."""
+    result = db.execute("SELECT 1")
+    assert result.fetchone()[0] == 1
+
+def test_user_model_creation(db: Session):
+    """Test creating a user in the database."""
+    user_data = {
+        "email": "test@example.com",
+        "hashed_password": "hashedpassword123",
+        "full_name": "Test User"
+    }
+    user = User(**user_data)
+    db.add(user)
+    db.commit()
+    db.refresh(user)
+
+    assert user.id is not None
+    assert user.email == "test@example.com"
+    assert user.full_name == "Test User"
+
+def test_database_rollback(db: Session):
+    """Test database rollback functionality."""
+    user = User(email="rollback@example.com", hashed_password="test123")
+    db.add(user)
+    db.rollback()
+
+    # User should not exist after rollback
+    user_check = db.query(User).filter(User.email == "rollback@example.com").first()
+    assert user_check is None

backend/tests/test_crud_operations.py

@@ -0,0 +1,45 @@
+import pytest
+from unittest.mock import patch, MagicMock
+from app.utils import send_email
+
+def test_email_service_integration():
+    """Test email service integration."""
+    with patch('smtplib.SMTP') as mock_smtp:
+        mock_server = MagicMock()
+        mock_smtp.return_value = mock_server
+
+        result = send_email(
+            email_to="test@example.com",
+            subject="Test Subject",
+            html_content="<p>Test email</p>"
+        )
+
+        mock_smtp.assert_called_once()
+
+@patch('app.core.config.settings.SMTP_HOST', 'localhost')
+def test_email_configuration():
+    """Test email configuration settings."""
+    from app.core.config import settings
+    assert settings.SMTP_HOST == 'localhost'
+
+def test_email_template_rendering():
+    """Test email template rendering with variables."""
+    template_data = {
+        "username": "Test User",
+        "reset_link": "https://example.com/reset"
+    }
+
+    # Mock template rendering
+    with patch('app.email_templates.render_template') as mock_render:
+        mock_render.return_value = "<p>Hello Test User</p>"
+        result = mock_render(template_data)
+        assert "Test User" in result
+
+def test_email_sending_failure():
+    """Test handling email sending failures."""
+    with patch('smtplib.SMTP') as mock_smtp:
+        mock_smtp.side_effect = Exception("SMTP connection failed")
+
+        result = send_email("test@example.com", "Test", "<p>Test</p>")
+        # Should handle the error gracefully
+        assert result is False or result is None