"""
Security test coverage utilities and test fixtures
"""
import pytest
import asyncio
from unittest.mock import Mock, patch
from fastapi.testclient import TestClient
from sqlalchemy.orm import Session
# Import security modules to test
from auth import verify_password, create_access_token, verify_token
from security_monitor import SecurityMonitor
from simple_gdpr import gdpr_manager
from middleware import (
SecurityHeadersMiddleware,
BodySizeLimitMiddleware,
RateLimitMiddleware,
CSRFMiddleware
)
from secure_logging import security_logger
class SecurityTestFixtures:
"""Test fixtures for security testing"""
@staticmethod
def create_test_user():
"""Create a test user with known credentials"""
return {
"id": 1,
"email": "test@example.com",
"password_hash": "$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewdBPj1VQv3c1yqB",
"totp_enabled": False,
"role": "user",
"created_at": "2024-01-01T00:00:00Z"
}
@staticmethod
def create_admin_user():
"""Create a test admin user"""
return {
"id": 2,
"email": "admin@example.com",
"password_hash": "$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewdBPj1VQv3c1yqB",
"totp_enabled": True,
"role": "admin",
"created_at": "2024-01-01T00:00:00Z"
}
@staticmethod
def create_malicious_payloads():
"""Create various malicious payloads for testing"""
return {
"xss_payloads": [
"",
"javascript:alert('xss')",
"
",
"';alert('xss');//",
"