refactor: split LDAP auth into backend/routers/auth.py

This commit is contained in:
2026-04-19 12:35:40 +03:00
parent a520b1ba2b
commit 90e9a60640
5 changed files with 363 additions and 339 deletions

View File

@@ -20,9 +20,9 @@ class TestUserAuthentication:
"groups_dn": "ou=groups,dc=ainventory,dc=local",
"role_mappings": [{"group": "cn=inventory_users,ou=groups,dc=ainventory,dc=local", "role": "user"}],
}
with patch("backend.routers.users.get_ldap_config", return_value=ldap_config):
with patch("backend.routers.auth.get_ldap_config", return_value=ldap_config):
response = test_client.post(
"/users/login",
"/auth/login",
json={"username": "testuser", "password": "password123"}
)
assert response.status_code == status.HTTP_200_OK
@@ -42,11 +42,11 @@ class TestUserAuthentication:
"groups_dn": "ou=groups,dc=ainventory,dc=local",
"role_mappings": [{"group": "cn=inventory_users,ou=groups,dc=ainventory,dc=local", "role": "user"}],
}
with patch("backend.routers.users.get_ldap_config", return_value=ldap_config), \
patch("backend.routers.users.ldap3.Server"), \
patch("backend.routers.users.ldap3.Connection", side_effect=Exception("Invalid credentials")):
with patch("backend.routers.auth.get_ldap_config", return_value=ldap_config), \
patch("backend.routers.auth.ldap3.Server"), \
patch("backend.routers.auth.ldap3.Connection", side_effect=Exception("Invalid credentials")):
response = test_client.post(
"/users/login",
"/auth/login",
json={"username": "testuser", "password": "wrongpassword"}
)
assert response.status_code == status.HTTP_401_UNAUTHORIZED
@@ -54,7 +54,7 @@ class TestUserAuthentication:
def test_login_local_password(self, test_client, test_db):
"""Test local password authentication (fallback)."""
from backend.models import User
from backend.routers.users import get_password_hash
from backend.routers.auth import get_password_hash
# Create local user
user = User(
@@ -67,7 +67,7 @@ class TestUserAuthentication:
test_db.commit()
response = test_client.post(
"/users/login",
"/auth/login",
json={"username": "localuser", "password": "password123"}
)
assert response.status_code == status.HTTP_200_OK