oabrivard
/
ai_synth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: use invalid session token for admin auth rejection tests

Browse Source 
Same fix as other test files — avoids oneshot() hang with no cookie.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
master
oabrivard 3 months ago
parent bd4f101d16
commit 5fa060fadc
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File

18
backend/tests/api_admin_test.rs
Unescape Escape View File

@ -109,17 +109,18 @@ async fn unauthenticated_admin_endpoint_returns_401() {
}
let app = common::TestApp::new().await;
let fake_session = "invalid-session-token-that-does-not-exist";
let (status, body) = app.get("/api/v1/admin/providers").await;
assert_eq!(status, StatusCode::UNAUTHORIZED, "Unauthenticated GET /admin/providers should return 401");
let (status, body) = app.get_with_session("/api/v1/admin/providers", fake_session).await;
assert_eq!(status, StatusCode::UNAUTHORIZED, "Invalid session GET /admin/providers should return 401");
assert_eq!(body["error"], "unauthorized");
let (status2, body2) = app.get("/api/v1/admin/users").await;
assert_eq!(status2, StatusCode::UNAUTHORIZED, "Unauthenticated GET /admin/users should return 401");
let (status2, body2) = app.get_with_session("/api/v1/admin/users", fake_session).await;
assert_eq!(status2, StatusCode::UNAUTHORIZED, "Invalid session GET /admin/users should return 401");
assert_eq!(body2["error"], "unauthorized");
let (status3, body3) = app.get("/api/v1/admin/rate-limits").await;
assert_eq!(status3, StatusCode::UNAUTHORIZED, "Unauthenticated GET /admin/rate-limits should return 401");
let (status3, body3) = app.get_with_session("/api/v1/admin/rate-limits", fake_session).await;
assert_eq!(status3, StatusCode::UNAUTHORIZED, "Invalid session GET /admin/rate-limits should return 401");
assert_eq!(body3["error"], "unauthorized");
}
@ -745,9 +746,10 @@ async fn config_providers_without_auth_returns_401() {
}
let app = common::TestApp::new().await;
let (status, body) = app.get("/api/v1/config/providers").await;
let fake_session = "invalid-session-token-that-does-not-exist";
let (status, body) = app.get_with_session("/api/v1/config/providers", fake_session).await;
assert_eq!(status, StatusCode::UNAUTHORIZED, "GET /config/providers without auth should return 401");
assert_eq!(status, StatusCode::UNAUTHORIZED, "Invalid session GET /config/providers should return 401");
assert_eq!(body["error"], "unauthorized");
}

Write Preview
Loading…
Cancel
Save