resolutionflow/backend/tests/test_email_verification.py

"""Tests for email verification endpoints."""

import pytest
from httpx import AsyncClient


@pytest.mark.asyncio
class TestEmailVerification:
    """Test email verification send + verify flow."""

    async def test_send_verification(self, client: AsyncClient, auth_headers: dict):
        """Send verification email returns 200."""
        response = await client.post(
            "/api/v1/auth/email/send-verification",
            headers=auth_headers,
        )
        assert response.status_code == 200
        assert "sent" in response.json()["message"].lower()

    async def test_send_verification_already_verified(
        self, client: AsyncClient, auth_headers: dict, test_db
    ):
        """Returns 400 if email is already verified."""
        from sqlalchemy import select, update
        from datetime import datetime, timezone
        from app.models.user import User

        # Manually mark email as verified
        await test_db.execute(
            update(User).where(User.email == "test@example.com").values(
                email_verified_at=datetime.now(timezone.utc)
            )
        )
        await test_db.commit()

        response = await client.post(
            "/api/v1/auth/email/send-verification",
            headers=auth_headers,
        )
        assert response.status_code == 400
        assert "already verified" in response.json()["detail"].lower()

    async def test_verify_invalid_token(self, client: AsyncClient):
        """Invalid token returns 400."""
        response = await client.post(
            "/api/v1/auth/email/verify",
            json={"token": "invalid-token"},
        )
        assert response.status_code == 400

    async def test_verify_missing_token(self, client: AsyncClient):
        """Missing token returns 400."""
        response = await client.post(
            "/api/v1/auth/email/verify",
            json={},
        )
        assert response.status_code == 400