Phillip Tarrant
23754ea239
Build the core user-facing experience with admin login (bcrypt + signed session cookies), profile switcher, workout day viewer with warmups and exercise cards, and HTMX-powered exercise browser with search/filter. - AuthService with bcrypt password verification and itsdangerous session tokens - Auth dependency redirects to /login (303) for unauthenticated requests - NavContextMiddleware injects admin/profiles/active_profile into all templates - Profile management (list, switch, edit) with cookie-based active profile - Workout day viewer shows warmups + exercises + per-user programming targets - Exercise browser with HTMX filter dropdowns (no page reloads) - Flash message partial for success/error feedback - 12 new tests (66 total passing) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
27 lines
857 B
Python
27 lines
857 B
Python
"""Tests for profile management routes."""
|
|
|
|
from fastapi.testclient import TestClient
|
|
|
|
|
|
class TestProfileSwitcher:
|
|
"""Tests for POST /profiles/switch."""
|
|
|
|
def test_switch_profile_requires_auth(self, client: TestClient) -> None:
|
|
"""POST /profiles/switch should require admin login."""
|
|
response = client.post(
|
|
"/profiles/switch",
|
|
data={"profile_id": "1"},
|
|
follow_redirects=False,
|
|
)
|
|
# Should redirect to login or return 401
|
|
assert response.status_code in (401, 303)
|
|
|
|
|
|
class TestProfileList:
|
|
"""Tests for GET /profiles."""
|
|
|
|
def test_profiles_page_requires_auth(self, client: TestClient) -> None:
|
|
"""GET /profiles should require admin login."""
|
|
response = client.get("/profiles", follow_redirects=False)
|
|
assert response.status_code in (401, 303)
|