from test.util.abstract_integration_test import AbstractPostgresTest from test.util.mock_user import mock_webui_user class TestAuths(AbstractPostgresTest): BASE_PATH = "/api/v1/auths" def setup_class(cls): super().setup_class() from open_webui.apps.webui.models.auths import Auths from open_webui.apps.webui.models.users import Users cls.users = Users cls.auths = Auths def test_get_session_user(self): with mock_webui_user(): response = self.fast_api_client.get(self.create_url("")) assert response.status_code == 200 assert response.json() == { "id": "1", "name": "John Doe", "email": "john.doe@openwebui.com", "role": "user", "profile_image_url": "/user.png", } def test_update_profile(self): from open_webui.utils.auth import get_password_hash user = self.auths.insert_new_auth( email="john.doe@openwebui.com", password=get_password_hash("old_password"), name="John Doe", profile_image_url="/user.png", role="user", ) with mock_webui_user(id=user.id): response = self.fast_api_client.post( self.create_url("/update/profile"), json={"name": "John Doe 2", "profile_image_url": "/user2.png"}, ) assert response.status_code == 200 db_user = self.users.get_user_by_id(user.id) assert db_user.name == "John Doe 2" assert db_user.profile_image_url == "/user2.png" def test_update_password(self): from open_webui.utils.auth import get_password_hash user = self.auths.insert_new_auth( email="john.doe@openwebui.com", password=get_password_hash("old_password"), name="John Doe", profile_image_url="/user.png", role="user", ) with mock_webui_user(id=user.id): response = self.fast_api_client.post( self.create_url("/update/password"), json={"password": "old_password", "new_password": "new_password"}, ) assert response.status_code == 200 old_auth = self.auths.authenticate_user( "john.doe@openwebui.com", "old_password" ) assert old_auth is None new_auth = self.auths.authenticate_user( "john.doe@openwebui.com", "new_password" ) assert new_auth is not None def test_signin(self): from open_webui.utils.auth import get_password_hash user = self.auths.insert_new_auth( email="john.doe@openwebui.com", password=get_password_hash("password"), name="John Doe", profile_image_url="/user.png", role="user", ) response = self.fast_api_client.post( self.create_url("/signin"), json={"email": "john.doe@openwebui.com", "password": "password"}, ) assert response.status_code == 200 data = response.json() assert data["id"] == user.id assert data["name"] == "John Doe" assert data["email"] == "john.doe@openwebui.com" assert data["role"] == "user" assert data["profile_image_url"] == "/user.png" assert data["token"] is not None and len(data["token"]) > 0 assert data["token_type"] == "Bearer" def test_signup(self): response = self.fast_api_client.post( self.create_url("/signup"), json={ "name": "John Doe", "email": "john.doe@openwebui.com", "password": "password", }, ) assert response.status_code == 200 data = response.json() assert data["id"] is not None and len(data["id"]) > 0 assert data["name"] == "John Doe" assert data["email"] == "john.doe@openwebui.com" assert data["role"] in ["admin", "user", "pending"] assert data["profile_image_url"] == "/user.png" assert data["token"] is not None and len(data["token"]) > 0 assert data["token_type"] == "Bearer" def test_add_user(self): with mock_webui_user(): response = self.fast_api_client.post( self.create_url("/add"), json={ "name": "John Doe 2", "email": "john.doe2@openwebui.com", "password": "password2", "role": "admin", }, ) assert response.status_code == 200 data = response.json() assert data["id"] is not None and len(data["id"]) > 0 assert data["name"] == "John Doe 2" assert data["email"] == "john.doe2@openwebui.com" assert data["role"] == "admin" assert data["profile_image_url"] == "/user.png" assert data["token"] is not None and len(data["token"]) > 0 assert data["token_type"] == "Bearer" def test_get_admin_details(self): self.auths.insert_new_auth( email="john.doe@openwebui.com", password="password", name="John Doe", profile_image_url="/user.png", role="admin", ) with mock_webui_user(): response = self.fast_api_client.get(self.create_url("/admin/details")) assert response.status_code == 200 assert response.json() == { "name": "John Doe", "email": "john.doe@openwebui.com", } def test_create_api_key_(self): user = self.auths.insert_new_auth( email="john.doe@openwebui.com", password="password", name="John Doe", profile_image_url="/user.png", role="admin", ) with mock_webui_user(id=user.id): response = self.fast_api_client.post(self.create_url("/api_key")) assert response.status_code == 200 data = response.json() assert data["api_key"] is not None assert len(data["api_key"]) > 0 def test_delete_api_key(self): user = self.auths.insert_new_auth( email="john.doe@openwebui.com", password="password", name="John Doe", profile_image_url="/user.png", role="admin", ) self.users.update_user_api_key_by_id(user.id, "abc") with mock_webui_user(id=user.id): response = self.fast_api_client.delete(self.create_url("/api_key")) assert response.status_code == 200 assert response.json() == True db_user = self.users.get_user_by_id(user.id) assert db_user.api_key is None def test_get_api_key(self): user = self.auths.insert_new_auth( email="john.doe@openwebui.com", password="password", name="John Doe", profile_image_url="/user.png", role="admin", ) self.users.update_user_api_key_by_id(user.id, "abc") with mock_webui_user(id=user.id): response = self.fast_api_client.get(self.create_url("/api_key")) assert response.status_code == 200 assert response.json() == {"api_key": "abc"}