diff --git a/7project/backend/app/app.py b/7project/backend/app/app.py
index a827694..1fd4dce 100644
--- a/7project/backend/app/app.py
+++ b/7project/backend/app/app.py
@@ -56,15 +56,14 @@ async def auth_guard(request: Request, call_next):
     # Enforce revoked/expired JWTs are rejected globally
     token = extract_bearer_token(request)
     if token:
+        from fastapi import Response, status as _status
         # Deny if token is revoked
         if is_token_revoked(token):
-            from fastapi import Response, status as _status
             return Response(status_code=_status.HTTP_401_UNAUTHORIZED)
         # Deny if token is expired or invalid
         try:
             decode_and_verify_jwt(token, SECRET)
         except Exception:
-            from fastapi import Response, status as _status
             return Response(status_code=_status.HTTP_401_UNAUTHORIZED)
     return await call_next(request)
diff --git a/7project/backend/tests/conftest.py b/7project/backend/tests/conftest.py
index 06f5c63..596aced 100644
--- a/7project/backend/tests/conftest.py
+++ b/7project/backend/tests/conftest.py
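Review bot: The `from fastapi import Response, status as _status` that this hunk hoists to the `if token:` branch still executes on every request carrying a bearer token, and both names are needed unconditionally there, so it belongs with the module-level imports (outside this hunk) rather than inside `auth_guard`. The `except Exception:` that follows still maps any failure inside `decode_and_verify_jwt` — a wrong or missing `SECRET`, a bug in the verifier — to the same silent 401 as an expired or tampered token; catching the verifier's specific error type (not visible here) and logging the reason before returning, e.g. `except <VerifierError> as exc:` followed by a `logger.warning("JWT rejected: %s", exc)`, keeps the fail-closed behaviour while making misconfiguration visible. Note also that `is_token_revoked(token)` is consulted before the signature is verified, so an arbitrary unverified bearer string drives the revocation lookup; if that helper touches a store, verifying first and then checking revocation by the verified claims is the cheaper and more conventional order — its body is outside the hunk, so confirm what it does.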
@@ -42,30 +42,3 @@ async def test_user(fastapi_app):
     return {"username": unique_email, "password": password}
-
-@pytest.fixture(scope="function")
-def authenticated_client(client: TestClient):
-    """
-    Creates a new user, logs them in, and returns a client
-    with the authorization headers already set.
-    """
-    # 1. Create a unique user
-    unique_email = f"testuser_{uuid.uuid4()}@example.com"
-    password = "a_strong_password"
-    user_payload = {"email": unique_email, "password": password}
-
-    register_resp = client.post("/auth/register", json=user_payload)
-    assert register_resp.status_code == 201
-
-    # 2. Log in to get the token
-    login_payload = {"username": unique_email, "password": password}
-    login_resp = client.post("/auth/jwt/login", data=login_payload)
-    token = login_resp.json()["access_token"]
-
-    # 3. Set the authorization header for subsequent requests
-    client.headers = {"Authorization": f"Bearer {token}"}
-
-    yield client
-
-    # Teardown: Clear headers after the test
-    client.headers.pop("Authorization", None)