refactor: split LDAP auth into backend/routers/auth.py

This commit is contained in:
2026-04-19 12:35:40 +03:00
parent a520b1ba2b
commit 90e9a60640
5 changed files with 363 additions and 339 deletions

View File

@@ -14,6 +14,7 @@ from backend.models import User
from backend.config_manager import ConfigManager
from backend.auth import get_current_admin, TokenData
import backend.routers.users as users_router
import backend.routers.auth as auth_router
import backend.routers.categories as categories_router
@@ -84,8 +85,8 @@ def test_client(test_db: Session) -> Generator[TestClient, None, None]:
@pytest.fixture(scope="function")
def mock_ldap() -> Generator[MagicMock, None, None]:
"""Mock LDAP authentication."""
with patch("backend.routers.users.ldap3.Server") as mock_server, \
patch("backend.routers.users.ldap3.Connection") as mock_conn_class:
with patch("backend.routers.auth.ldap3.Server") as mock_server, \
patch("backend.routers.auth.ldap3.Connection") as mock_conn_class:
mock_conn = MagicMock()
mock_conn.bind.return_value = True

View File

@@ -20,9 +20,9 @@ class TestUserAuthentication:
"groups_dn": "ou=groups,dc=ainventory,dc=local",
"role_mappings": [{"group": "cn=inventory_users,ou=groups,dc=ainventory,dc=local", "role": "user"}],
}
with patch("backend.routers.users.get_ldap_config", return_value=ldap_config):
with patch("backend.routers.auth.get_ldap_config", return_value=ldap_config):
response = test_client.post(
"/users/login",
"/auth/login",
json={"username": "testuser", "password": "password123"}
)
assert response.status_code == status.HTTP_200_OK
@@ -42,11 +42,11 @@ class TestUserAuthentication:
"groups_dn": "ou=groups,dc=ainventory,dc=local",
"role_mappings": [{"group": "cn=inventory_users,ou=groups,dc=ainventory,dc=local", "role": "user"}],
}
with patch("backend.routers.users.get_ldap_config", return_value=ldap_config), \
patch("backend.routers.users.ldap3.Server"), \
patch("backend.routers.users.ldap3.Connection", side_effect=Exception("Invalid credentials")):
with patch("backend.routers.auth.get_ldap_config", return_value=ldap_config), \
patch("backend.routers.auth.ldap3.Server"), \
patch("backend.routers.auth.ldap3.Connection", side_effect=Exception("Invalid credentials")):
response = test_client.post(
"/users/login",
"/auth/login",
json={"username": "testuser", "password": "wrongpassword"}
)
assert response.status_code == status.HTTP_401_UNAUTHORIZED
@@ -54,7 +54,7 @@ class TestUserAuthentication:
def test_login_local_password(self, test_client, test_db):
"""Test local password authentication (fallback)."""
from backend.models import User
from backend.routers.users import get_password_hash
from backend.routers.auth import get_password_hash
# Create local user
user = User(
@@ -67,7 +67,7 @@ class TestUserAuthentication:
test_db.commit()
response = test_client.post(
"/users/login",
"/auth/login",
json={"username": "localuser", "password": "password123"}
)
assert response.status_code == status.HTTP_200_OK