""" Tests for the updated registration flow: - Uses admin API (create_user with email_confirm=True) instead of sign_up - Immediately signs in after creation so a session is always returned - full_name / name field resolved correctly """ from unittest.mock import AsyncMock, MagicMock, patch def _admin_create_result(user_id="11111111-1111-1111-1111-111111111111"): user = MagicMock() user.id = user_id result = MagicMock() result.user = user return result def _sign_in_result(access_token="tok_access", refresh_token="tok_refresh"): session = MagicMock() session.access_token = access_token session.refresh_token = refresh_token session.expires_in = 3600 result = MagicMock() result.session = session return result async def test_register_returns_tokens_immediately(anon_client, mock_db): """Registration must always return access_token — no email confirmation delay.""" mock_db.execute = AsyncMock(return_value="INSERT 1") with patch("app.services.auth_service._admin_client") as mock_admin, \ patch("app.services.auth_service._client") as mock_client: mock_admin.return_value.auth.admin.create_user.return_value = _admin_create_result() mock_client.return_value.auth.sign_in_with_password.return_value = _sign_in_result() r = await anon_client.post("/api/v1/auth/register", json={ "email": "new@test.com", "password": "password123", "name": "Marie Dupont", }) assert r.status_code == 201 body = r.json() assert body["success"] is True assert "access_token" in body["data"] assert "refresh_token" in body["data"] assert body["data"]["token_type"] == "bearer" async def test_register_stores_full_name_from_name_field(anon_client, mock_db): """The `name` field sent by the frontend must be stored in the profile.""" executed_args = [] async def capture_execute(query, *args): executed_args.append(args) return "INSERT 1" mock_db.execute = capture_execute with patch("app.services.auth_service._admin_client") as mock_admin, \ patch("app.services.auth_service._client") as mock_client: mock_admin.return_value.auth.admin.create_user.return_value = _admin_create_result() mock_client.return_value.auth.sign_in_with_password.return_value = _sign_in_result() await anon_client.post("/api/v1/auth/register", json={ "email": "new@test.com", "password": "password123", "name": "Marie Dupont", }) # The INSERT INTO profiles call should include the name assert any("Marie Dupont" in str(args) for args in executed_args) async def test_register_stores_full_name_field(anon_client, mock_db): """The `full_name` field is also accepted as an alias for `name`.""" mock_db.execute = AsyncMock(return_value="INSERT 1") with patch("app.services.auth_service._admin_client") as mock_admin, \ patch("app.services.auth_service._client") as mock_client: mock_admin.return_value.auth.admin.create_user.return_value = _admin_create_result() mock_client.return_value.auth.sign_in_with_password.return_value = _sign_in_result() r = await anon_client.post("/api/v1/auth/register", json={ "email": "new2@test.com", "password": "password123", "full_name": "Sophie Klein", }) assert r.status_code == 201 assert "access_token" in r.json()["data"] async def test_register_supabase_error_returns_400(anon_client, mock_db): """If Supabase admin API fails, a 400 with REGISTRATION_FAILED is returned.""" with patch("app.services.auth_service._admin_client") as mock_admin: mock_admin.return_value.auth.admin.create_user.side_effect = Exception("Email already registered") r = await anon_client.post("/api/v1/auth/register", json={ "email": "existing@test.com", "password": "password123", "name": "Test", }) assert r.status_code == 400 body = r.json() assert body["success"] is False assert body["error"]["code"] == "REGISTRATION_FAILED" async def test_register_password_validation(anon_client): r = await anon_client.post("/api/v1/auth/register", json={ "email": "x@test.com", "password": "short", "name": "X", }) assert r.status_code == 422