defmodule SilmataivasWeb.AuthTest do
  use SilmataivasWeb.ConnCase

  import Silmataivas.UsersFixtures

  alias SilmataivasWeb.Plugs.Auth

  describe "auth plug" do
    test "authenticates user with valid token", %{conn: conn} do
      # Create a user
      user = user_fixture()

      # Set up the connection with a valid token
      conn =
        conn
        |> put_req_header("authorization", "Bearer #{user.user_id}")
        |> Auth.call(%{})

      # Verify the user is authenticated
      assert conn.assigns.current_user.id == user.id
      refute conn.halted
    end

    test "rejects request with invalid token format", %{conn: conn} do
      # Set up the connection with an invalid token format
      conn =
        conn
        |> put_req_header("authorization", "Invalid #{Ecto.UUID.generate()}")
        |> Auth.call(%{})

      # Verify the connection is halted
      assert conn.halted
      assert conn.status == 401
      assert conn.resp_body == "Unauthorized"
    end

    test "rejects request with non-existent user token", %{conn: conn} do
      # Set up the connection with a non-existent user token
      conn =
        conn
        |> put_req_header("authorization", "Bearer #{Ecto.UUID.generate()}")
        |> Auth.call(%{})

      # Verify the connection is halted
      assert conn.halted
      assert conn.status == 401
      assert conn.resp_body == "Unauthorized"
    end

    test "rejects request without authorization header", %{conn: conn} do
      # Set up the connection without an authorization header
      conn = Auth.call(conn, %{})

      # Verify the connection is halted
      assert conn.halted
      assert conn.status == 401
      assert conn.resp_body == "Unauthorized"
    end
  end
end