first commit

tests/test_auth.py

@@ -0,0 +1,24 @@
+from app.models import PasswordResetToken, User
+
+
+def test_login_success(client):
+    response = client.post('/login', data={'email': 'user@test.com', 'password': 'Password123!'}, follow_redirects=True)
+    assert response.status_code == 200
+    assert b'Dashboard' in response.data or b'Panel' in response.data
+
+
+def test_honeypot_blocks_login(client):
+    response = client.post('/login', data={'email': 'user@test.com', 'password': 'Password123!', 'website': 'spam'}, follow_redirects=True)
+    assert response.status_code == 200
+
+
+def test_password_reset_flow(client, app):
+    client.post('/forgot-password', data={'email': 'user@test.com'}, follow_redirects=True)
+    with app.app_context():
+        token = PasswordResetToken.query.join(User).filter(User.email == 'user@test.com').first()
+        assert token is not None
+    response = client.post(f'/reset-password/{token.token}', data={'password': 'NewPassword123!', 'confirm_password': 'NewPassword123!'}, follow_redirects=True)
+    assert response.status_code == 200
+    with app.app_context():
+        user = User.query.filter_by(email='user@test.com').first()
+        assert user.check_password('NewPassword123!')