Fix 2 broken test assertions, add 22 new tests for register flow, booking email resilience, settings, and customers

tests/test_register_flow.py

@@ -0,0 +1,116 @@
+"""
+Tests for the updated registration flow:
+- Uses admin API (create_user with email_confirm=True) instead of sign_up
+- Immediately signs in after creation so a session is always returned
+- full_name / name field resolved correctly
+"""
+from unittest.mock import AsyncMock, MagicMock, patch
+
+
+def _admin_create_result(user_id="11111111-1111-1111-1111-111111111111"):
+    user = MagicMock()
+    user.id = user_id
+    result = MagicMock()
+    result.user = user
+    return result
+
+
+def _sign_in_result(access_token="tok_access", refresh_token="tok_refresh"):
+    session = MagicMock()
+    session.access_token = access_token
+    session.refresh_token = refresh_token
+    session.expires_in = 3600
+    result = MagicMock()
+    result.session = session
+    return result
+
+
+async def test_register_returns_tokens_immediately(anon_client, mock_db):
+    """Registration must always return access_token — no email confirmation delay."""
+    mock_db.execute = AsyncMock(return_value="INSERT 1")
+
+    with patch("app.services.auth_service._admin_client") as mock_admin, \
+         patch("app.services.auth_service._client") as mock_client:
+        mock_admin.return_value.auth.admin.create_user.return_value = _admin_create_result()
+        mock_client.return_value.auth.sign_in_with_password.return_value = _sign_in_result()
+
+        r = await anon_client.post("/api/v1/auth/register", json={
+            "email": "new@test.com",
+            "password": "password123",
+            "name": "Marie Dupont",
+        })
+
+    assert r.status_code == 201
+    body = r.json()
+    assert body["success"] is True
+    assert "access_token" in body["data"]
+    assert "refresh_token" in body["data"]
+    assert body["data"]["token_type"] == "bearer"
+
+
+async def test_register_stores_full_name_from_name_field(anon_client, mock_db):
+    """The `name` field sent by the frontend must be stored in the profile."""
+    executed_args = []
+    async def capture_execute(query, *args):
+        executed_args.append(args)
+        return "INSERT 1"
+    mock_db.execute = capture_execute
+
+    with patch("app.services.auth_service._admin_client") as mock_admin, \
+         patch("app.services.auth_service._client") as mock_client:
+        mock_admin.return_value.auth.admin.create_user.return_value = _admin_create_result()
+        mock_client.return_value.auth.sign_in_with_password.return_value = _sign_in_result()
+
+        await anon_client.post("/api/v1/auth/register", json={
+            "email": "new@test.com",
+            "password": "password123",
+            "name": "Marie Dupont",
+        })
+
+    # The INSERT INTO profiles call should include the name
+    assert any("Marie Dupont" in str(args) for args in executed_args)
+
+
+async def test_register_stores_full_name_field(anon_client, mock_db):
+    """The `full_name` field is also accepted as an alias for `name`."""
+    mock_db.execute = AsyncMock(return_value="INSERT 1")
+
+    with patch("app.services.auth_service._admin_client") as mock_admin, \
+         patch("app.services.auth_service._client") as mock_client:
+        mock_admin.return_value.auth.admin.create_user.return_value = _admin_create_result()
+        mock_client.return_value.auth.sign_in_with_password.return_value = _sign_in_result()
+
+        r = await anon_client.post("/api/v1/auth/register", json={
+            "email": "new2@test.com",
+            "password": "password123",
+            "full_name": "Sophie Klein",
+        })
+
+    assert r.status_code == 201
+    assert "access_token" in r.json()["data"]
+
+
+async def test_register_supabase_error_returns_400(anon_client, mock_db):
+    """If Supabase admin API fails, a 400 with REGISTRATION_FAILED is returned."""
+    with patch("app.services.auth_service._admin_client") as mock_admin:
+        mock_admin.return_value.auth.admin.create_user.side_effect = Exception("Email already registered")
+
+        r = await anon_client.post("/api/v1/auth/register", json={
+            "email": "existing@test.com",
+            "password": "password123",
+            "name": "Test",
+        })
+
+    assert r.status_code == 400
+    body = r.json()
+    assert body["success"] is False
+    assert body["error"]["code"] == "REGISTRATION_FAILED"
+
+
+async def test_register_password_validation(anon_client):
+    r = await anon_client.post("/api/v1/auth/register", json={
+        "email": "x@test.com",
+        "password": "short",
+        "name": "X",
+    })
+    assert r.status_code == 422