From cf59abe6dd580bd9b426982a424bbe6acf0da0dd Mon Sep 17 00:00:00 2001
From: ZdenekSrotyr
Date: Thu, 9 Apr 2026 16:35:15 +0200
Subject: [PATCH] fix: update tests to provide password after OAuth token bypass fix
---
 tests/test_api.py | 11 ++++++++---
 tests/test_cli.py | 6 ++++--
 2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/tests/test_api.py b/tests/test_api.py
index 973f0af..e1b407f 100644
--- a/tests/test_api.py
+++ b/tests/test_api.py
@@ -24,10 +24,15 @@ def seeded_client(tmp_path, monkeypatch):
 from src.repositories.users import UserRepository
 from app.auth.jwt import create_access_token
+ from argon2 import PasswordHasher
+ ph = PasswordHasher()
+ conn = get_system_db()
 repo = UserRepository(conn)
- repo.create(id="admin1", email="admin@acme.com", name="Admin", role="admin")
- repo.create(id="analyst1", email="analyst@acme.com", name="Analyst", role="analyst")
+ repo.create(id="admin1", email="admin@acme.com", name="Admin", role="admin",
+ password_hash=ph.hash("adminpass"))
+ repo.create(id="analyst1", email="analyst@acme.com", name="Analyst", role="analyst",
+ password_hash=ph.hash("analystpass"))
 conn.close()
 app = create_app()
@@ -61,7 +66,7 @@ class TestHealth:
 class TestAuth:
 def test_token_for_existing_user(self, seeded_client):
 client, _, _ = seeded_client
- resp = client.post("/auth/token", json={"email": "admin@acme.com"})
+ resp = client.post("/auth/token", json={"email": "admin@acme.com", "password": "adminpass"})
 assert resp.status_code == 200
 data = resp.json()
 assert "access_token" in data
diff --git a/tests/test_cli.py b/tests/test_cli.py
index 875a1da..1c9d362 100644
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
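Review bot: In the `seeded_client` fixture hunk of tests/test_api.py every seeded user now has a `password_hash`, so the suite no longer holds the account shape the old flow accepted: the removed lines created users without a hash, and the old test obtained a token for one from the e-mail alone. Assuming `repo.create` still accepts a call without `password_hash`, keep one such user, e.g. `repo.create(id="nopw1", email="nopw@acme.com", name="NoPw", role="analyst")` (constructed sample values), and assert that `/auth/token` refuses it whatever `password` is sent. If other tests depend on the exact set of seeded users, create it inside that one test instead. The fixture starts and ends outside the hunk.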
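Review bot: `test_token_for_existing_user` in the second hunk of tests/test_api.py only shows the endpoint accepting the correct password; nothing visible pins the rejection paths that the bypass fix is about. Add tests in `TestAuth` that post the e-mail without a password and with a wrong password and assert that no token is issued; such tests may already exist outside the hunk, which shows only part of the class. The rejection status code is not visible here, so the sketch below accepts any 4xx and should be tightened to the code the endpoint actually returns.

```python
class TestAuth:
    # … unchanged: test_token_for_existing_user …

    def test_token_requires_password(self, seeded_client):
        client, _, _ = seeded_client
        resp = client.post("/auth/token", json={"email": "admin@acme.com"})
        # Tighten to the exact rejection code once it is confirmed.
        assert 400 <= resp.status_code < 500

    def test_token_rejects_wrong_password(self, seeded_client):
        client, _, _ = seeded_client
        resp = client.post(
            "/auth/token",
            json={"email": "admin@acme.com", "password": "not-the-password"},
        )
        assert 400 <= resp.status_code < 500
```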
@@ -88,9 +88,11 @@ class TestAuth:
 from src.db import get_system_db
 from src.repositories.users import UserRepository
+ from argon2 import PasswordHasher
 conn = get_system_db()
 repo = UserRepository(conn)
- repo.create(id="u1", email="test@acme.com", name="Test", role="analyst")
+ repo.create(id="u1", email="test@acme.com", name="Test", role="analyst",
+ password_hash=PasswordHasher().hash("testpass"))
 conn.close()
 from fastapi.testclient import TestClient
@@ -103,7 +105,7 @@ class TestAuth:
 mock_get_client.return_value.__exit__ = MagicMock(return_value=False)
 # Simulate the API call
- resp = client.post("/auth/token", json={"email": "test@acme.com"})
+ resp = client.post("/auth/token", json={"email": "test@acme.com", "password": "testpass"})
 assert resp.status_code == 200
 token = resp.json()["access_token"]
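Review bot: The seeding in the first hunk of tests/test_cli.py builds its own `PasswordHasher()` and repeats what the `seeded_client` fixture in tests/test_api.py does, so the tests now encode the hashing scheme in two places. A small shared helper in the test package, or the application's own hashing helper if it has one (not visible here), would keep the seeded hash in step with what `/auth/token` verifies; at minimum add a comment such as `# must use the same scheme the /auth/token handler verifies`. The enclosing test starts and ends outside the hunk.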