fix(backend): adressed copilot review

7project/backend/app/app.py

@@ -56,15 +56,14 @@ async def auth_guard(request: Request, call_next):
     # Enforce revoked/expired JWTs are rejected globally
     token = extract_bearer_token(request)
     if token:
+        from fastapi import Response, status as _status
         # Deny if token is revoked
         if is_token_revoked(token):
-            from fastapi import Response, status as _status
             return Response(status_code=_status.HTTP_401_UNAUTHORIZED)
         # Deny if token is expired or invalid
         try:
             decode_and_verify_jwt(token, SECRET)
         except Exception:
-            from fastapi import Response, status as _status
             return Response(status_code=_status.HTTP_401_UNAUTHORIZED)
     return await call_next(request)
 

7project/backend/tests/conftest.py

@@ -42,30 +42,3 @@ async def test_user(fastapi_app):
 
     return {"username": unique_email, "password": password}
 
-
-@pytest.fixture(scope="function")
-def authenticated_client(client: TestClient):
-    """
-    Creates a new user, logs them in, and returns a client
-    with the authorization headers already set.
-    """
-    # 1. Create a unique user
-    unique_email = f"testuser_{uuid.uuid4()}@example.com"
-    password = "a_strong_password"
-    user_payload = {"email": unique_email, "password": password}
-
-    register_resp = client.post("/auth/register", json=user_payload)
-    assert register_resp.status_code == 201
-
-    # 2. Log in to get the token
-    login_payload = {"username": unique_email, "password": password}
-    login_resp = client.post("/auth/jwt/login", data=login_payload)
-    token = login_resp.json()["access_token"]
-
-    # 3. Set the authorization header for subsequent requests
-    client.headers = {"Authorization": f"Bearer {token}"}
-
-    yield client
-
-    # Teardown: Clear headers after the test
-    client.headers.pop("Authorization", None)