import os
from urllib.parse import urlsplit

from bs4 import BeautifulSoup
from flask import Flask

from amanuensis.db import User


def test_auth_circuit(app: Flask, make):
    """Test the user login/logout path."""
    username: str = f"user_{os.urandom(8).hex()}"
    ub: bytes = username.encode("utf8")
    assert make.user(username=username, password=username)

    with app.test_client() as client:
        # User should not be logged in
        response = client.get("/home/")
        assert response.status_code == 200
        assert ub not in response.data

        # The login page exists
        response = client.get("/auth/login/")
        assert response.status_code == 200
        assert ub not in response.data
        assert b"Username" in response.data
        assert b"Username" in response.data
        assert b"csrf_token" in response.data

        # Get the csrf token for logging in
        soup = BeautifulSoup(response.data, features="html.parser")
        csrf_token = soup.find(id="csrf_token")["value"]
        assert csrf_token

        # Log the user in
        response = client.post(
            "/auth/login/",
            data={"username": username, "password": username, "csrf_token": csrf_token},
        )
        assert 300 <= response.status_code <= 399
        assert urlsplit(response.location).path == "/home/"

        # Confirm that the user is logged in
        response = client.get("/home/")
        assert response.status_code == 200
        assert ub in response.data

        # Log the user out
        response = client.get("/auth/logout/")
        assert 300 <= response.status_code <= 399
        assert urlsplit(response.location).path == "/home/"

        # Confirm the user is logged out
        response = client.get("/home/")
        assert response.status_code == 200
        assert ub not in response.data