"""Tests simples pour l'authentification API."""

import pytest
from fastapi import HTTPException

from pricewatch.app.api.main import require_token


class FakeConfig:
    api_token = "valid-token"


class FakeConfigNoToken:
    api_token = None


def test_require_token_valid(monkeypatch):
    """Token valide ne leve pas d'exception."""
    monkeypatch.setattr("pricewatch.app.api.main.get_config", lambda: FakeConfig())
    # Ne doit pas lever d'exception
    require_token("Bearer valid-token")


def test_require_token_missing(monkeypatch):
    """Token manquant leve 401."""
    monkeypatch.setattr("pricewatch.app.api.main.get_config", lambda: FakeConfig())
    with pytest.raises(HTTPException) as exc_info:
        require_token(None)
    assert exc_info.value.status_code == 401


def test_require_token_invalid_format(monkeypatch):
    """Token sans Bearer leve 401."""
    monkeypatch.setattr("pricewatch.app.api.main.get_config", lambda: FakeConfig())
    with pytest.raises(HTTPException) as exc_info:
        require_token("invalid-format")
    assert exc_info.value.status_code == 401


def test_require_token_wrong_value(monkeypatch):
    """Mauvais token leve 403."""
    monkeypatch.setattr("pricewatch.app.api.main.get_config", lambda: FakeConfig())
    with pytest.raises(HTTPException) as exc_info:
        require_token("Bearer wrong-token")
    assert exc_info.value.status_code == 403


def test_require_token_not_configured(monkeypatch):
    """Token non configure leve 500."""
    monkeypatch.setattr("pricewatch.app.api.main.get_config", lambda: FakeConfigNoToken())
    with pytest.raises(HTTPException) as exc_info:
        require_token("Bearer any-token")
    assert exc_info.value.status_code == 500