Nornsight/weave
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixing workos auth

Browse Source
This commit is contained in:
Richie Cahill
2026-05-29 20:23:08 -04:00
parent a956c4a973
commit d235babcf3
2 changed files with 59 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_web_routes.py
+43
View File
@@ -115,6 +115,31 @@ def test_logout_redirects_to_workos_and_clears_cookie(monkeypatch) -> None:
assert "workos_session=" in response.headers["set-cookie"]
def test_logout_with_invalid_session_cookie_clears_cookie(monkeypatch) -> None:
monkeypatch.setattr(main.auth, "get_auth_config", _fake_auth_config)
monkeypatch.setattr(main.auth, "get_workos_client", _invalid_workos_client)
client = TestClient(main.app)
client.cookies.set("workos_session", "bad-session-cookie")
response = client.post("/logout", follow_redirects=False)
assert response.status_code == 303
assert response.headers["location"] == "http://localhost:8000/"
assert "workos_session=" in response.headers["set-cookie"]
def test_invalid_session_cookie_is_treated_as_unauthenticated(monkeypatch) -> None:
monkeypatch.setattr(main.auth, "get_auth_config", _fake_auth_config)
monkeypatch.setattr(main.auth, "get_workos_client", _invalid_workos_client)
client = TestClient(main.app)
client.cookies.set("workos_session", "bad-session-cookie")
response = client.get("/")
assert response.status_code == 200
assert "Sign in" in response.text
def test_dashboard_route_renders_with_stubbed_repository(monkeypatch) -> None:
_patch_authenticated_dashboard(monkeypatch, current_user=_viewer_session())
@@ -199,6 +224,24 @@ def _fake_auth_config() -> auth.AuthConfig:
)
def _invalid_workos_client():
class InvalidSession:
def authenticate(self):
raise ValueError("invalid session")
def get_logout_url(self, *, return_to: str) -> str:
raise ValueError("invalid session")
class DummyUserManagement:
def load_sealed_session(self, *, session_data: str, cookie_password: str):
return InvalidSession()
class DummyClient:
user_management = DummyUserManagement()
return DummyClient()
def _patch_authenticated_dashboard(monkeypatch, *, current_user: auth.AuthSession) -> None:
monkeypatch.setattr(main.auth, "get_current_session", lambda request: current_user)