nessi/NexaPantry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
15d47d49bfb0c5b68bbebcce20a05fa28ba79d44
NexaPantry/backend/app/tests/test_security.py
nessi 10a06791db
Some checks failed
CI / backend (push) Successful in 23s
Details
CI / frontend (push) Successful in 41s
Details
CI / docker (push) Failing after 56s
Details
fix: support comma-separated CORS_ORIGINS environment variable 
Add NoDecode annotation to cors_origins field in Settings to properly parse comma-separated values from environment variables. Add test to verify CORS_ORIGINS accepts comma-separated list.
2026-06-04 10:43:15 +02:00

26 lines
930 B
Python
Raw Blame History

from app.core.config import Settings
from app.core.security import hash_password, hash_token, verify_password
def test_password_hash_roundtrip() -> None:
password_hash = hash_password("a-very-long-password")
assert password_hash != "a-very-long-password"
assert verify_password("a-very-long-password", password_hash)
assert not verify_password("wrong-password", password_hash)
def test_tokens_are_hashed() -> None:
assert hash_token("secret") == hash_token("secret")
assert hash_token("secret") != "secret"
def test_cors_origins_accept_comma_separated_env(monkeypatch) -> None:
monkeypatch.setenv("JWT_SECRET_KEY", "test-jwt-secret")
monkeypatch.setenv("SETTINGS_SECRET_KEY", "test-settings-secret")
monkeypatch.setenv("CORS_ORIGINS", "http://localhost,http://localhost:5173")
settings = Settings()
assert settings.cors_origins == ["http://localhost", "http://localhost:5173"]
Reference in New Issue View Git Blame Copy Permalink