feat: account management — change email, password, and CLI reset (#10)

API: - PATCH /auth/me — update email and display name - PATCH /auth/me/password — change password (requires current) - GET /auth/me now returns full profile (email, full_name, role) CLI: - python -m src.cli.reset_password --email <email> --password <pw> for recovery when locked out (run via docker exec) Admin UI: - User menu dropdown on the top nav (click username → Account / Sign out) replaces the inline sign-out link - /account page with profile form (email + display name) and change password form (current + new + confirm)
2026-04-18 21:53:32 +01:00
parent 142e2373d3
commit d8e0a34e04
10 changed files with 484 additions and 21 deletions
--- a/apps/api/tests/test_auth.py
+++ b/apps/api/tests/test_auth.py
@@ -4,6 +4,7 @@ import uuid
 from datetime import UTC, datetime, timedelta

 import pytest
+from httpx import ASGITransport, AsyncClient
 from jose import JWTError, jwt

 from src.config.settings import get_settings
@@ -140,7 +141,11 @@ class TestAuthEndpoints:
        response = await client.get("/api/v1/auth/me")
        assert response.status_code == 401

-    async def test_me_with_valid_token(self, client):
+    async def test_me_with_valid_token(self, app):
+        from unittest.mock import AsyncMock, MagicMock
+
+        from src.db import get_db
+
        user_id = uuid.uuid4()
        org_id = uuid.uuid4()
        token = create_access_token(
@@ -149,10 +154,34 @@ class TestAuthEndpoints:
            role="editor",
            email="user@example.com",
        )
-        response = await client.get(
-            "/api/v1/auth/me",
-            headers={"Authorization": f"Bearer {token}"},
-        )
+
+        mock_user = MagicMock()
+        mock_user.id = user_id
+        mock_user.organisation_id = org_id
+        mock_user.email = "user@example.com"
+        mock_user.full_name = "Test User"
+        mock_user.role = "editor"
+        mock_user.deleted_at = None
+
+        mock_session = AsyncMock()
+        mock_result = MagicMock()
+        mock_result.scalar_one_or_none.return_value = mock_user
+        mock_session.execute.return_value = mock_result
+
+        async def _override():
+            yield mock_session
+
+        app.dependency_overrides[get_db] = _override
+
+        transport = ASGITransport(app=app)
+        async with AsyncClient(transport=transport, base_url="http://test") as client:
+            response = await client.get(
+                "/api/v1/auth/me",
+                headers={"Authorization": f"Bearer {token}"},
+            )
+
+        app.dependency_overrides.pop(get_db, None)
+
        assert response.status_code == 200
        data = response.json()
        assert data["id"] == str(user_id)
--- a/apps/api/tests/test_routers_auth.py
+++ b/apps/api/tests/test_routers_auth.py
@@ -117,7 +117,8 @@ class TestMeEndpoint:
            role="owner",
            email="admin@test.com",
        )
-        db = _mock_db()
+        mock_user = _make_user(id=user_id, org_id=org_id, email="admin@test.com", role="owner")
+        db = _mock_db(scalar_one_or_none=mock_user)
        async with await _client(mock_app, db) as client:
            resp = await client.get(
                "/api/v1/auth/me",