card-game/backend/tests/test_auth.py

def test_register_success(client):
    response = client.post("/auth/register", json={
        "email": "newuser@example.com",
        "password": "password123",
        "nickname": "newuser"
    })
    assert response.status_code == 200
    data = response.json()
    assert "access_token" in data  # API returns token on registration

def test_register_duplicate_email(client, registered_user):
    response = client.post("/auth/register", json={
        "email": registered_user["email"],
        "password": "differentpassword",
        "nickname": "differentnickname"
    })
    assert response.status_code in [400, 409]  # Could be either

def test_login_success(client, registered_user):
    response = client.post("/auth/login", json={
        "email": registered_user["email"],
        "password": registered_user["password"]
    })
    assert response.status_code == 200
    data = response.json()
    assert "access_token" in data
    assert data["token_type"] == "bearer"

def test_login_wrong_password(client, registered_user):
    response = client.post("/auth/login", json={
        "email": registered_user["email"],
        "password": "wrongpassword"
    })
    assert response.status_code == 401

def test_login_nonexistent_user(client):
    response = client.post("/auth/login", json={
        "email": "nonexistent@example.com",
        "password": "password123"
    })
    assert response.status_code == 401

def test_me_authenticated(client, auth_headers):
    response = client.get("/me/profile", headers=auth_headers)
    assert response.status_code == 200
    data = response.json()
    assert data["nickname"] == "testuser"

def test_me_unauthenticated(client):
    response = client.get("/me/profile")
    assert response.status_code == 401