/** * Tests d'intégration pour les endpoints d'authentification */ import request from 'supertest'; import app from '../../index.js'; describe('Auth API', () => { describe('POST /api/auth/register', () => { it('should reject registration with missing fields', async () => { const res = await request(app) .post('/api/auth/register') .send({ email: 'test@example.com', }); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); it('should reject registration with invalid email', async () => { const res = await request(app) .post('/api/auth/register') .send({ email: 'invalid-email', password: 'Password123!', firstName: 'John', lastName: 'Doe', }); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); it('should reject registration with weak password', async () => { const res = await request(app) .post('/api/auth/register') .send({ email: 'test@example.com', password: '123', firstName: 'John', lastName: 'Doe', }); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); }); describe('POST /api/auth/login', () => { it('should reject login with missing credentials', async () => { const res = await request(app) .post('/api/auth/login') .send({}); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); // Skip this test in CI - requires database connection it.skip('should reject login with invalid credentials', async () => { const res = await request(app) .post('/api/auth/login') .send({ email: 'nonexistent@example.com', password: 'wrongpassword', }); expect(res.statusCode).toBeGreaterThanOrEqual(400); expect(res.body.success).toBe(false); }); }); describe('GET /api/auth/me', () => { it('should reject request without token', async () => { const res = await request(app).get('/api/auth/me'); expect(res.statusCode).toBe(401); expect(res.body.success).toBe(false); }); it('should reject request with invalid token', async () => { const res = await request(app) .get('/api/auth/me') .set('Authorization', 'Bearer invalid-token'); expect(res.statusCode).toBe(401); expect(res.body.success).toBe(false); }); }); describe('POST /api/auth/forgot-password', () => { it('should reject with invalid email format', async () => { const res = await request(app) .post('/api/auth/forgot-password') .send({ email: 'invalid-email', }); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); }); describe('POST /api/auth/reset-password', () => { it('should reject with missing token', async () => { const res = await request(app) .post('/api/auth/reset-password') .send({ password: 'NewPassword123!', }); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); it('should reject with invalid token', async () => { const res = await request(app) .post('/api/auth/reset-password') .send({ token: 'invalid-token', password: 'NewPassword123!', }); expect(res.statusCode).toBeGreaterThanOrEqual(400); }); }); describe('GET /api/auth/verify-email/:token', () => { // Skip this test in CI - requires database connection it.skip('should reject with invalid token', async () => { const res = await request(app).get('/api/auth/verify-email/invalid-token'); expect(res.statusCode).toBeGreaterThanOrEqual(400); }); }); describe('POST /api/auth/google', () => { it('should reject with missing token', async () => { const res = await request(app) .post('/api/auth/google') .send({}); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); }); describe('POST /api/auth/facebook', () => { it('should reject with missing token', async () => { const res = await request(app) .post('/api/auth/facebook') .send({}); expect(res.statusCode).toBe(400); expect(res.body.success).toBe(false); }); }); });