Initial commit: RSS platform phase 1 skeleton with code review fixes

Features: - FastAPI + SQLAlchemy 2.0 async + PostgreSQL/pgvector + Redis backend - Vue 3 + TypeScript + Element Plus frontend - JWT auth with access/refresh tokens and revocation - Admin/member RBAC - RSS feed CRUD and article listing - Settings management with Fernet encryption for sensitive values - Redis distributed lock service - Alembic initial migration - Docker Compose development environment Fixes from code review: - Fix DB session leak in dependency injection - Restrict registration to admin only - Add default admin password warning - Implement JWT refresh tokens and jti blacklist - Strengthen password policy - Use func.count for pagination totals - Replace NullPool with AsyncAdaptedQueuePool - Remove init_db from lifespan to enforce alembic migrations - Add request_id middleware and logging filter - Fix vite.config.ts env loading - Add frontend token refresh interceptor - Add Vue error handler Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-15 17:01:57 +08:00
commit ba6e7669e8
82 changed files with 6859 additions and 0 deletions
@@ -0,0 +1,33 @@
+"""Test configuration."""
+import pytest
+from sqlalchemy.ext.asyncio import AsyncSession, create_async_engine
+from sqlalchemy.orm import sessionmaker
+
+from app.models.base import Base
+
+
+@pytest.fixture(scope="function")
+async def db():
+    """Create a fresh in-memory SQLite database for each test."""
+    engine = create_async_engine(
+        "sqlite+aiosqlite:///:memory:",
+        future=True,
+        echo=False,
+    )
+    async with engine.begin() as conn:
+        await conn.run_sync(Base.metadata.create_all)
+
+    AsyncSessionLocal = sessionmaker(
+        engine,
+        class_=AsyncSession,
+        expire_on_commit=False,
+        autoflush=False,
+        autocommit=False,
+    )
+
+    async with AsyncSessionLocal() as session:
+        yield session
+
+    async with engine.begin() as conn:
+        await conn.run_sync(Base.metadata.drop_all)
+    await engine.dispose()
@@ -0,0 +1,36 @@
+"""Authentication tests."""
+import pytest
+from sqlalchemy import select
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.core.auth import get_password_hash, verify_password
+from app.models.user import User
+
+
+@pytest.mark.asyncio
+async def test_password_hash():
+    """Test password hashing and verification."""
+    password = "testpassword"
+    hashed = get_password_hash(password)
+    assert verify_password(password, hashed)
+    assert not verify_password("wrongpassword", hashed)
+
+
+@pytest.mark.asyncio
+async def test_user_creation(db: AsyncSession):
+    """Test user creation."""
+    user = User(
+        username="testuser",
+        password_hash=get_password_hash("testpass"),
+        role="member",
+        is_active=True,
+    )
+    db.add(user)
+    await db.commit()
+    await db.refresh(user)
+
+    result = await db.execute(select(User).where(User.username == "testuser"))
+    fetched = result.scalar_one_or_none()
+    assert fetched is not None
+    assert fetched.username == "testuser"
+    assert fetched.role == "member"