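from django.test import TestCase
from django.urls import reverse
from rest_framework.test import APIClient
from rest_framework import status
from django.contrib.auth import get_user_model
from tenants.models import Tenant

User = get_user_model()


class AuthTests(TestCase):
    """End-to-end checks for registration, token login and the profile endpoint.

    Only the success paths are covered here.
    NOTE(review): there are no negative cases (wrong password, profile request
    without a token, profile request with another tenant's token); those are
    what would catch an authentication or tenant-isolation regression.
    """

    def setUp(self):
        """Create the API client, one tenant, the resolved URLs and a payload."""
        self.client = APIClient()
        self.tenant = Tenant.objects.create(
            name='Test Tenant',
            subdomain='testtenant',
        )
        self.register_url = reverse('auth_register')
        self.login_url = reverse('token_obtain_pair')
        self.profile_url = reverse('user_profile')
        self.user_data = {
            'username': 'testuser',
            'email': 'testuser@example.com',
            'password': 'strongpassword123',
            'first_name': 'Test',
            'last_name': 'User',
            'role': 'student',
        }

    def test_registration(self):
        """Registering stores a usable password and the requested role."""
        response = self.client.post(
            self.register_url, self.user_data, format='json'
        )
        self.assertEqual(response.status_code, status.HTTP_201_CREATED)

        # The submitted credential must never be echoed back in the response
        # body; `or {}` covers an endpoint that answers 201 with no payload.
        self.assertNotIn('password', response.data or {})

        user = User.objects.get(username='testuser')
        # check_password() verifies against the stored value rather than
        # comparing the raw string.
        self.assertTrue(user.check_password('strongpassword123'))

        # NOTE(review): the role comes straight from the client payload. If
        # any role other than 'student' carries extra privileges, add a case
        # showing that a self-chosen privileged role is rejected or ignored;
        # confirm against the registration serializer.
        self.assertEqual(user.role, 'student')

    def test_login_and_profile(self):
        """A valid login yields tokens, and the access token opens the profile."""
        # Created directly through the ORM so this test does not depend on the
        # registration endpoint; the returned instance is not needed.
        User.objects.create_user(
            username='testuser',
            password='strongpassword123',
            role='teacher',
            tenant=self.tenant,
        )

        # Exchange the credentials for an access/refresh pair.
        login_data = {'username': 'testuser', 'password': 'strongpassword123'}
        response = self.client.post(self.login_url, login_data, format='json')
        self.assertEqual(response.status_code, status.HTTP_200_OK)
        self.assertIn('access', response.data)
        self.assertIn('refresh', response.data)
        access_token = response.data['access']

        # Call the profile endpoint with the access token as a Bearer credential.
        self.client.credentials(HTTP_AUTHORIZATION=f'Bearer {access_token}')
        profile_response = self.client.get(self.profile_url)
        self.assertEqual(profile_response.status_code, status.HTTP_200_OK)

        # The profile must describe the authenticated user and their own tenant.
        profile = profile_response.data
        self.assertEqual(profile['username'], 'testuser')
        self.assertEqual(profile['role'], 'teacher')
        self.assertEqual(profile['tenant']['id'], self.tenant.id)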