from app.models import PasswordResetToken, User


def test_login_success(client):
    response = client.post('/login', data={'email': 'user@test.com', 'password': 'Password123!'}, follow_redirects=True)
    assert response.status_code == 200
    assert b'Dashboard' in response.data or b'Panel' in response.data


def test_honeypot_blocks_login(client):
    response = client.post('/login', data={'email': 'user@test.com', 'password': 'Password123!', 'website': 'spam'}, follow_redirects=True)
    assert response.status_code == 200


def test_password_reset_flow(client, app):
    client.post('/forgot-password', data={'email': 'user@test.com'}, follow_redirects=True)
    with app.app_context():
        token = PasswordResetToken.query.join(User).filter(User.email == 'user@test.com').first()
        assert token is not None
    response = client.post(f'/reset-password/{token.token}', data={'password': 'NewPassword123!', 'confirm_password': 'NewPassword123!'}, follow_redirects=True)
    assert response.status_code == 200
    with app.app_context():
        user = User.query.filter_by(email='user@test.com').first()
        assert user.check_password('NewPassword123!')