monoadmin/the-other-dude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(ci): mint JWT directly in test auth factory

Browse Source 
The test admin_session uses savepoint transactions invisible to the
login endpoint's own DB session. Mint tokens directly instead of
going through /api/auth/login.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jason Staack
2026-03-14 23:07:28 -05:00
parent fe23459369
commit 68c93a6caa
1 changed files with 19 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
backend/tests/integration/conftest.py
View File

@@ -396,11 +396,15 @@ def create_test_device():
@pytest.fixture @pytest.fixture
def auth_headers_factory(client, create_test_tenant, create_test_user): def auth_headers_factory(create_test_tenant, create_test_user):
"""Factory to create authenticated headers for a test user. """Factory to create authenticated headers for a test user.
Creates a tenant + user, logs in via the test client, and returns Creates a tenant + user, generates a JWT directly (no HTTP login
the Authorization headers dict ready for use in subsequent requests. round-trip), and returns the Authorization headers dict.
We mint the token directly rather than going through /api/auth/login
because the test admin_session uses a savepoint transaction that is
invisible to the login endpoint's own DB session.
""" """
async def _create( async def _create(
@@ -411,7 +415,9 @@ def auth_headers_factory(client, create_test_tenant, create_test_user):
tenant_name: str | None = None, tenant_name: str | None = None,
existing_tenant_id: uuid.UUID | None = None, existing_tenant_id: uuid.UUID | None = None,
) -> dict[str, Any]: ) -> dict[str, Any]:
"""Create user, login, return headers + tenant/user info.""" """Create user, mint JWT, return headers + tenant/user info."""
from app.services.auth import create_access_token
if existing_tenant_id: if existing_tenant_id:
tenant_id = existing_tenant_id tenant_id = existing_tenant_id
else: else:
@@ -425,25 +431,21 @@ def auth_headers_factory(client, create_test_tenant, create_test_user):
password=password, password=password,
role=role, role=role,
) )
await admin_session.commit() await admin_session.flush()
user_email = user.email access_token = create_access_token(
user_id=user.id,
# Login via the API tenant_id=tenant_id,
login_resp = await client.post( role=role,
"/api/auth/login",
json={"email": user_email, "password": password},
) )
assert login_resp.status_code == 200, f"Login failed: {login_resp.text}"
tokens = login_resp.json()
return { return {
"headers": {"Authorization": f"Bearer {tokens['access_token']}"}, "headers": {"Authorization": f"Bearer {access_token}"},
"access_token": tokens["access_token"], "access_token": access_token,
"refresh_token": tokens.get("refresh_token"), "refresh_token": None,
"tenant_id": str(tenant_id), "tenant_id": str(tenant_id),
"user_id": str(user.id), "user_id": str(user.id),
"user_email": user_email, "user_email": user.email,
} }
return _create return _create