feat(tests): Implemented basic tests and github workflow

7project/backend/pyproject.toml

@@ -0,0 +1,2 @@
+[tool.pytest.ini_options]
+pythonpath = "."

7project/backend/tests/conftest.py

@@ -0,0 +1,22 @@
+import sys
+import types
+import pytest
+from fastapi.testclient import TestClient
+
+# Stub sentry_sdk to avoid optional dependency issues during import of app
+stub = types.ModuleType("sentry_sdk")
+stub.init = lambda *args, **kwargs: None
+sys.modules.setdefault("sentry_sdk", stub)
+
+# Import the FastAPI application
+from app.app import fastApi as app  # noqa: E402
+
+
+@pytest.fixture(scope="session")
+def fastapi_app():
+    return app
+
+
+@pytest.fixture(scope="session")
+def client(fastapi_app):
+    return TestClient(fastapi_app, raise_server_exceptions=True)

7project/backend/tests/test_e2e_auth_flow.py

@@ -0,0 +1,15 @@
+from fastapi import status
+
+
+def test_e2e_minimal_auth_flow(client):
+    # 1) Service is alive
+    alive = client.get("/")
+    assert alive.status_code == status.HTTP_200_OK
+
+    # 2) Attempt to login without payload should fail fast (validation error)
+    login = client.post("/auth/jwt/login")
+    assert login.status_code in (status.HTTP_400_BAD_REQUEST, status.HTTP_422_UNPROCESSABLE_ENTITY)
+
+    # 3) Protected endpoint should not be accessible without token
+    me = client.get("/users/me")
+    assert me.status_code in (status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN)

7project/backend/tests/test_integration_app.py

@@ -0,0 +1,18 @@
+from fastapi import status
+import pytest
+
+
+def test_root_ok(client):
+    resp = client.get("/")
+    assert resp.status_code == status.HTTP_200_OK
+    assert resp.json() == {"status": "ok"}
+
+
+def test_authenticated_route_requires_auth(client):
+    resp = client.get("/authenticated-route")
+    assert resp.status_code in (status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN)
+
+
+def test_sentry_debug_raises_exception(client):
+    with pytest.raises(ZeroDivisionError):
+        client.get("/sentry-debug")

7project/backend/tests/test_unit_user_service.py

@@ -0,0 +1,55 @@
+import types
+import asyncio
+import pytest
+
+from app.services import user_service
+
+
+def test_get_oauth_provider_known_unknown():
+    # Known providers should return a provider instance
+    bankid = user_service.get_oauth_provider("BankID")
+    mojeid = user_service.get_oauth_provider("MojeID")
+    assert bankid is not None
+    assert mojeid is not None
+
+    # Unknown should return None
+    assert user_service.get_oauth_provider("DoesNotExist") is None
+
+
+def test_get_jwt_strategy_lifetime():
+    strategy = user_service.get_jwt_strategy()
+    assert strategy is not None
+    # Basic smoke check: strategy has a lifetime set to 3600
+    assert getattr(strategy, "lifetime_seconds", None) in (3600,)
+
+
+@pytest.mark.asyncio
+async def test_on_after_request_verify_enqueues_email(monkeypatch):
+    calls = {}
+
+    def fake_enqueue_email(to: str, subject: str, body: str):
+        calls.setdefault("emails", []).append({
+            "to": to,
+            "subject": subject,
+            "body": body,
+        })
+
+    # Patch the enqueue_email used inside user_service
+    monkeypatch.setattr(user_service, "enqueue_email", fake_enqueue_email)
+
+    class DummyUser:
+        def __init__(self, email):
+            self.email = email
+
+    mgr = user_service.UserManager(user_db=None)  # user_db not needed for this method
+    user = DummyUser("test@example.com")
+
+    # Call the hook
+    await mgr.on_after_request_verify(user, token="abc123", request=None)
+
+    # Verify one email has been enqueued with expected content
+    assert len(calls.get("emails", [])) == 1
+    email = calls["emails"][0]
+    assert email["to"] == "test@example.com"
+    assert "ověření účtu" in email["subject"].lower()
+    assert "abc123" in email["body"]