from app.core.security import hash_password, hash_token, verify_password


def test_password_hash_roundtrip() -> None:
    password_hash = hash_password("a-very-long-password")
    assert password_hash != "a-very-long-password"
    assert verify_password("a-very-long-password", password_hash)
    assert not verify_password("wrong-password", password_hash)


def test_tokens_are_hashed() -> None:
    assert hash_token("secret") == hash_token("secret")
    assert hash_token("secret") != "secret"