Initial commit: import from sinmb79/Gov-chat-bot

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

backend/tests/test_admin_auth.py

@@ -0,0 +1,114 @@
+"""
+관리자 인증 API 테스트.
+POST /api/admin/auth/login
+"""
+import pytest
+from unittest.mock import AsyncMock, MagicMock
+from uuid import uuid4
+
+from app.models.admin import AdminUser, AdminRole
+from app.core.security import hash_password
+
+
+def make_user(tenant_id: str = "t1", email: str = "admin@test.com") -> AdminUser:
+    user = AdminUser()
+    user.id = str(uuid4())
+    user.tenant_id = tenant_id
+    user.email = email
+    user.hashed_pw = hash_password("secret123")
+    user.role = AdminRole.admin
+    user.is_active = True
+    return user
+
+
+@pytest.mark.asyncio
+async def test_login_success(client):
+    """올바른 자격증명 → access_token + role 반환."""
+    user = make_user()
+
+    mock_result = MagicMock()
+    mock_result.scalar_one_or_none = MagicMock(return_value=user)
+
+    from app.core.database import get_db
+
+    async def override_db():
+        db = AsyncMock()
+        db.execute = AsyncMock(return_value=mock_result)
+        yield db
+
+    client.app.dependency_overrides[get_db] = override_db
+
+    try:
+        res = await client.post("/api/admin/auth/login", json={
+            "tenant_id": user.tenant_id,
+            "email": user.email,
+            "password": "secret123",
+        })
+        assert res.status_code == 200
+        data = res.json()
+        assert "access_token" in data
+        assert data["token_type"] == "bearer"
+        assert data["role"] == "admin"
+    finally:
+        client.app.dependency_overrides.pop(get_db, None)
+
+
+@pytest.mark.asyncio
+async def test_login_wrong_password(client):
+    """틀린 비밀번호 → 401."""
+    user = make_user()
+
+    mock_result = MagicMock()
+    mock_result.scalar_one_or_none = MagicMock(return_value=user)
+
+    from app.core.database import get_db
+
+    async def override_db():
+        db = AsyncMock()
+        db.execute = AsyncMock(return_value=mock_result)
+        yield db
+
+    client.app.dependency_overrides[get_db] = override_db
+
+    try:
+        res = await client.post("/api/admin/auth/login", json={
+            "tenant_id": user.tenant_id,
+            "email": user.email,
+            "password": "wrong-password",
+        })
+        assert res.status_code == 401
+    finally:
+        client.app.dependency_overrides.pop(get_db, None)
+
+
+@pytest.mark.asyncio
+async def test_login_user_not_found(client):
+    """존재하지 않는 사용자 → 401."""
+    mock_result = MagicMock()
+    mock_result.scalar_one_or_none = MagicMock(return_value=None)
+
+    from app.core.database import get_db
+
+    async def override_db():
+        db = AsyncMock()
+        db.execute = AsyncMock(return_value=mock_result)
+        yield db
+
+    client.app.dependency_overrides[get_db] = override_db
+
+    try:
+        res = await client.post("/api/admin/auth/login", json={
+            "tenant_id": "nonexistent",
+            "email": "nobody@test.com",
+            "password": "any",
+        })
+        assert res.status_code == 401
+    finally:
+        client.app.dependency_overrides.pop(get_db, None)
+
+
+@pytest.mark.asyncio
+async def test_login_missing_fields(client):
+    """필수 필드 누락 → 422."""
+    res = await client.post("/api/admin/auth/login", json={"email": "x@x.com"})
+    assert res.status_code == 422