Secure-Authentication-System/test_api.py at main · clamesys/Secure-Authentication-System · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
import requests
import json
import sys

class APITester:
    """Test the Secure Authentication System API endpoints"""

    def __init__(self, base_url='http://localhost:5000'):
        self.base_url = base_url
        self.access_token = None
        self.refresh_token = None
        self.user_id = None
        self.headers = {'Content-Type': 'application/json'}

    def test_register(self, username, email, password):
        """Test user registration"""
        print("\n=== Testing User Registration ===")

        url = f"{self.base_url}/api/auth/register"
        data = {
            'username': username,
            'email': email,
            'password': password,
            'first_name': 'Test',
            'last_name': 'User'
        }

        try:
            response = requests.post(url, json=data)
            print(f"Status Code: {response.status_code}")
            print(f"Response: {response.json()}")

            if response.status_code == 201:
                print("✅ Registration successful")
                self.user_id = response.json()['user']['id']
            else:
                print("❌ Registration failed")

            return response
        except Exception as e:
            print(f"❌ Error during registration: {e}")
            return None

    def test_login(self, username, password):
        """Test user login"""
        print("\n=== Testing User Login ===")

        url = f"{self.base_url}/api/auth/login"
        data = {
            'username': username,
            'password': password
        }

        try:
            response = requests.post(url, json=data)
            print(f"Status Code: {response.status_code}")
            print(f"Response: {response.json()}")

            if response.status_code == 200:
                print("✅ Login successful")
                self.access_token = response.json()['access_token']
                self.refresh_token = response.json()['refresh_token']
                self.headers = {
                    'Content-Type': 'application/json',
                    'Authorization': f"Bearer {self.access_token}"
                }
            else:
                print("❌ Login failed")

            return response
        except Exception as e:
            print(f"❌ Error during login: {e}")
            return None

    def test_get_user_profile(self):
        """Test getting user profile"""
        print("\n=== Testing Get User Profile ===")

        if not self.access_token:
            print("❌ No access token available. Login first.")
            return None

        url = f"{self.base_url}/api/auth/me"

        try:
            response = requests.get(url, headers=self.headers)
            print(f"Status Code: {response.status_code}")
            print(f"Response: {response.json()}")

            if response.status_code == 200:
                print("✅ Profile retrieval successful")
            else:
                print("❌ Profile retrieval failed")

            return response
        except Exception as e:
            print(f"❌ Error getting user profile: {e}")
            return None

    def test_refresh_token(self):
        """Test token refresh"""
        print("\n=== Testing Token Refresh ===")

        if not self.refresh_token:
            print("❌ No refresh token available. Login first.")
            return None

        url = f"{self.base_url}/api/auth/refresh"
        data = {'refresh_token': self.refresh_token}

        try:
            response = requests.post(url, json=data)
            print(f"Status Code: {response.status_code}")
            print(f"Response: {response.json()}")

            if response.status_code == 200:
                print("✅ Token refresh successful")
                self.access_token = response.json()['access_token']
                self.headers = {
                    'Content-Type': 'application/json',
                    'Authorization': f"Bearer {self.access_token}"
                }
            else:
                print("❌ Token refresh failed")

            return response
        except Exception as e:
            print(f"❌ Error refreshing token: {e}")
            return None

    def test_all(self):
        """Run all tests"""
        username = f"testuser_{hash(str(id(self)))}"
        email = f"{username}@example.com"
        password = "Password123!"

        # Test registration
        reg_response = self.test_register(username, email, password)
        if not reg_response or reg_response.status_code != 201:
            print("Skipping remaining tests due to registration failure")
            return

        # Test login
        login_response = self.test_login(username, password)
        if not login_response or login_response.status_code != 200:
            print("Skipping remaining tests due to login failure")
            return

        # Test get user profile
        self.test_get_user_profile()

        # Test token refresh
        self.test_refresh_token()

        print("\n=== All Tests Completed ===")

def main():
    """Main function to run the tests"""
    if len(sys.argv) > 1:
        base_url = sys.argv[1]
    else:
        base_url = 'http://localhost:5000'

    print(f"Testing API at: {base_url}")
    tester = APITester(base_url)
    tester.test_all()

if __name__ == "__main__":
    main()