test(api): Add failing authentication tests

tests/api/test_auth.py

@@ -0,0 +1,76 @@
+import pytest
+from fastapi.testclient import TestClient
+from unittest.mock import MagicMock, patch
+from ea_chatbot.api.main import app
+from ea_chatbot.history.models import User
+
+# We will need to mock HistoryManager and get_db dependencies later
+# For now, we define the expected behavior of the auth endpoints.
+
+client = TestClient(app)
+
+@pytest.fixture
+def mock_user():
+    return User(
+        id="user-123",
+        username="test@example.com",
+        display_name="Test User",
+        password_hash="hashed_password"
+    )
+
+def test_register_user_success():
+    """Test successful user registration."""
+    # We'll need to mock history_manager.get_user and create_user
+    with patch("ea_chatbot.api.routers.auth.history_manager") as mock_hm:
+        mock_hm.get_user.return_value = None
+        mock_hm.create_user.return_value = User(id="1", username="new@example.com", display_name="New")
+        
+        response = client.post(
+            "/auth/register",
+            json={"email": "new@example.com", "password": "password123", "display_name": "New"}
+        )
+        
+        # This will fail now because the router doesn't exist
+        assert response.status_code == 201
+        assert response.json()["email"] == "new@example.com"
+
+def test_login_success():
+    """Test successful login and JWT return."""
+    with patch("ea_chatbot.api.routers.auth.history_manager") as mock_hm:
+        mock_hm.authenticate_user.return_value = User(id="1", username="test@example.com")
+        
+        response = client.post(
+            "/auth/login",
+            data={"username": "test@example.com", "password": "password123"}
+        )
+        
+        assert response.status_code == 200
+        assert "access_token" in response.json()
+        assert response.json()["token_type"] == "bearer"
+
+def test_login_invalid_credentials():
+    """Test login with wrong password."""
+    with patch("ea_chatbot.api.routers.auth.history_manager") as mock_hm:
+        mock_hm.authenticate_user.return_value = None
+        
+        response = client.post(
+            "/auth/login",
+            data={"username": "test@example.com", "password": "wrongpassword"}
+        )
+        
+        assert response.status_code == 401
+        assert "detail" in response.json()
+
+def test_protected_route_without_token():
+    """Test that protected routes require a token."""
+    response = client.get("/auth/me")
+    assert response.status_code == 401
+
+def test_oidc_login_redirect():
+    """Test that OIDC login returns a redirect URL."""
+    with patch("ea_chatbot.api.routers.auth.oidc_client") as mock_oidc:
+        mock_oidc.get_login_url.return_value = "https://oidc-provider.com/auth"
+        
+        response = client.get("/auth/oidc/login")
+        assert response.status_code == 200
+        assert response.json()["url"] == "https://oidc-provider.com/auth"