"""Integration tests for authentication endpoints."""

import pytest


@pytest.mark.integration
class TestAuthIntegration:
    """Integration tests for authentication flow."""

    def test_login_success(self, client, test_login):
        """Test successful login with real DB API."""
        response = client.post(
            "/api/v1/auth/login",
            params={"login": test_login}
        )

        assert response.status_code == 200

        data = response.json()
        assert "access_token" in data
        assert data["token_type"] == "bearer"
        assert "user" in data

        user = data["user"]
        assert user["login"] == test_login
        assert "user_id" in user
        assert "created_at" in user
        assert "last_login_at" in user

    def test_login_invalid_format(self, client):
        """Test login with invalid format."""
        response = client.post(
            "/api/v1/auth/login",
            params={"login": "123"}  
        )

        assert response.status_code == 422  

    def test_login_nonexistent_user(self, client):
        """Test login with non-existent user."""
        response = client.post(
            "/api/v1/auth/login",
            params={"login": "00000000"}  
        )

        
        
        assert response.status_code in [200, 404]

    def test_token_contains_user_info(self, client, test_login):
        """Test that JWT token contains user information."""
        from app.utils.security import decode_access_token

        response = client.post(
            "/api/v1/auth/login",
            params={"login": test_login}
        )

        assert response.status_code == 200
        token = response.json()["access_token"]

        
        payload = decode_access_token(token)
        assert payload["login"] == test_login
        assert "user_id" in payload
        assert "exp" in payload

    def test_protected_endpoint_without_token(self, client):
        """Test accessing protected endpoint without token."""
        response = client.get("/api/v1/settings")

        assert response.status_code == 401

    def test_protected_endpoint_with_token(self, client, auth_headers):
        """Test accessing protected endpoint with valid token."""
        response = client.get("/api/v1/settings", headers=auth_headers)

        
        assert response.status_code in [200, 404]

    def test_protected_endpoint_with_invalid_token(self, client):
        """Test accessing protected endpoint with invalid token."""
        headers = {"Authorization": "Bearer invalid_token_here"}
        response = client.get("/api/v1/settings", headers=headers)

        assert response.status_code == 401