From 957902055b4742a1335343a4b9bbb4c379dbaf7a Mon Sep 17 00:00:00 2001
From: nn2-minh <Nguyen12.Minh@live.uwe.ac.uk>
Date: Sun, 27 Apr 2025 19:02:55 +0700
Subject: [PATCH] revert hashing.py, modify pytest(auth.py)

---
 app/backend/utils/hashing.py | 10 ++++++++--
 app/tests/test_auth.py       |  4 ++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/app/backend/utils/hashing.py b/app/backend/utils/hashing.py
index 8fb9fbc..68970bd 100644
--- a/app/backend/utils/hashing.py
+++ b/app/backend/utils/hashing.py
@@ -42,9 +42,15 @@ def decode_token(token: str) -> int:
         user_id = payload.get("sub")
         if user_id is None:
             print("No user_id in token payload")
-            pass
+            raise HTTPException(
+                status_code=401, detail="Invalid authentication credentials"
+            )
+
         return user_id
     except jwt.ExpiredSignatureError:
         raise HTTPException(status_code=401, detail="Token has expired")
     except PyJWTError as e:
-        pass
+        print(f"JWT error: {str(e)}")
+        raise HTTPException(
+            status_code=401, detail=f"Invalid authentication credentials: {str(e)}"
+        )
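Review bot: The `except PyJWTError` branch puts the library's exception text into the response, `detail=f"Invalid authentication credentials: {str(e)}"`, so an unauthenticated caller is told why validation failed. Return the same fixed detail as the `user_id is None` branch, `detail="Invalid authentication credentials"`, and keep the reason server-side only. Both added branches also report through `print`; a logger call such as `logger.warning("JWT validation failed: %s", e)` would give the event a level and timestamp that monitoring can use, assuming the module has or can define a logger. `decode_token` begins above the hunk, so the `jwt.decode` arguments are not visible here.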
diff --git a/app/tests/test_auth.py b/app/tests/test_auth.py
index d42d918..14b20ee 100644
--- a/app/tests/test_auth.py
+++ b/app/tests/test_auth.py
@@ -161,7 +161,7 @@ def test_login_missing_user(client, db_session):
     login_data = {"email": "nonexistent@example.com", "password": "testpassword123"}
     response = client.post("/auth/login", json=login_data)
     assert response.status_code == 401
-    assert "Invalid credentials" in response.json()["detail"]
+    assert "Invalid email or password" in response.json()["detail"]
 
 
 def test_login_invalid_credentials(client, db_session):
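Review bot: Both updated assertions use a substring match, `"Invalid email or password" in response.json()["detail"]`, so they would still pass if the endpoint appended a reason that differs between an unknown email and a wrong password. The identical message for both cases is what keeps the login endpoint from revealing which accounts exist, and an equality check pins that better: `assert response.json()["detail"] == "Invalid email or password"`, provided that is the exact detail the route returns. The same applies to the assertion in `test_login_invalid_credentials` in the next hunk, whose body starts outside that hunk.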
@@ -169,7 +169,7 @@ def test_login_invalid_credentials(client, db_session):
     login_data = {"email": "wrong@example.com", "password": "wrongpassword"}
     response = client.post("/auth/login", json=login_data)
     assert response.status_code == 401
-    assert "Invalid credentials" in response.json()["detail"]
+    assert "Invalid email or password" in response.json()["detail"]
 
 
 def test_get_profile(client, db_session):
-- 
GitLab