track-train · Baptiste-Ferrand · Aug 28, 2025 · Aug 28, 2025 · Aug 28, 2025 · Aug 28, 2025
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -6,7 +6,8 @@ on:
     branches: [main, develop]
 
 jobs:
-  test:
+  unit-tests:
+    name: Unit Tests
     runs-on: ubuntu-latest
 
     steps:
@@ -22,8 +23,9 @@ jobs:
       uses: actions/cache@v3
       with:
         path: ~/.cache/pip
-        key: ${{ runner.os }}-pip-${{ hashFiles('pyproject.toml') }}
+        key: ${{ runner.os }}-pip-unit-${{ hashFiles('pyproject.toml') }}
         restore-keys: |
+          ${{ runner.os }}-pip-unit-
           ${{ runner.os }}-pip-
 
     - name: Create and activate virtual environment
@@ -37,14 +39,73 @@ jobs:
         pip install --upgrade pip
         pip install .
 
-    - name: Run tests
+    - name: Run unit tests
+      run: |
+        source venv/bin/activate
+        pytest src/domain/tests/ \
+               -v \
+               --tb=short \
+               --cov=src/domain/services \
+               --cov=src/domain/lib \
+               --cov-report=term-missing
+
+    - name: Unit Tests Summary
+      if: always()
+      run: |
+        echo "Unit tests completed!"
+        echo "Check the logs above for details."
+
+  integration-tests:
+    name: Integration Tests
+    runs-on: ubuntu-latest
+    needs: unit-tests
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.12'
+
+    - name: Cache pip dependencies
+      uses: actions/cache@v3
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-pip-integration-${{ hashFiles('pyproject.toml') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-integration-
+          ${{ runner.os }}-pip-
+
+    - name: Create and activate virtual environment
+      run: |
+        python -m venv venv
+        source venv/bin/activate
+
+    - name: Install dependencies
+      run: |
+        source venv/bin/activate
+        pip install --upgrade pip
+        pip install .
+
+    - name: Start application server
       env:
         ENV: test
         SECRET_KEY: test_secret_key
         ACCESS_TOKEN_EXPIRE_MINUTES: 60
       run: |
         source venv/bin/activate
         uvicorn src.main:app --host 0.0.0.0 --port 8000 --reload &
+        sleep 10  # Attendre que le serveur soit prêt
+
+    - name: Run integration tests
+      env:
+        ENV: test
+        SECRET_KEY: test_secret_key
+        ACCESS_TOKEN_EXPIRE_MINUTES: 60
+      run: |
+        source venv/bin/activate
         pytest src/entrypoints/api/tests/profile.py \
                src/entrypoints/api/tests/group.py \
                src/entrypoints/api/tests/exercise.py \
@@ -53,8 +114,8 @@ jobs:
                -v \
                --tb=short
 
-    - name: Test Summary
+    - name: Integration Tests Summary
       if: always()
       run: |
-        echo "Tests completed!"
-        echo "Check the logs above for details."
+        echo "Integration tests completed!"
+        echo "Check the logs above for details."
diff --git a/pyproject.toml b/pyproject.toml
@@ -2,7 +2,52 @@
 name = "tracknatrainapi"
 version = "0.5.9"
 requires-python = ">=3.12"
-dependencies = [ "annotated-types==0.7.0", "anyio==4.9.0", "bcrypt==4.3.0", "boto3==1.37.37", "botocore==1.37.37", "cffi==1.17.1", "click==8.1.8", "cryptography==44.0.2", "dnspython==2.7.0", "ecdsa==0.19.1", "email-validator==2.2.0", "exceptiongroup==1.2.2", "fastapi==0.115.12", "greenlet==3.1.1", "h11==0.14.0", "idna==3.10", "jmespath==1.0.1", "passlib[bcrypt]>=1.7.4", "psycopg2-binary==2.9.10", "pyasn1==0.4.8", "pycparser==2.22", "pydantic==2.11.3", "pydantic-core==2.33.1", "python-dateutil==2.9.0.post0", "python-dotenv==1.1.0", "python-jose==3.4.0", "python-multipart==0.0.20", "rsa==4.9", "s3transfer==0.11.5", "six==1.17.0", "sniffio==1.3.1", "sqlalchemy==2.0.40", "starlette==0.46.2", "typing-extensions==4.13.2", "typing-inspection==0.4.0", "urllib3==2.4.0", "uvicorn==0.34.1", "pytest>=7.0", "pytest-asyncio>=0.20", "httpx>=0.24", "pytest-cov>=4.0", "coverage>=6.0", "asyncpg==0.30.0",]
+dependencies = [
+    "annotated-types==0.7.0",
+    "anyio==4.9.0",
+    "bcrypt==4.3.0",
+    "boto3==1.37.37",
+    "botocore==1.37.37",
+    "cffi==1.17.1",
+    "click==8.1.8",
+    "cryptography==44.0.2",
+    "dnspython==2.7.0",
+    "ecdsa==0.19.1",
+    "email-validator==2.2.0",
+    "exceptiongroup==1.2.2",
+    "fastapi==0.115.12",
+    "greenlet==3.1.1",
+    "h11==0.14.0",
+    "idna==3.10",
+    "jmespath==1.0.1",
+    "passlib[bcrypt]>=1.7.4",
+    "psycopg2-binary==2.9.10",
+    "pyasn1==0.4.8",
+    "pycparser==2.22",
+    "pydantic==2.11.3",
+    "pydantic-core==2.33.1",
+    "python-dateutil==2.9.0.post0",
+    "python-dotenv==1.1.0",
+    "python-jose==3.4.0",
+    "python-multipart==0.0.20",
+    "rsa==4.9",
+    "s3transfer==0.11.5",
+    "six==1.17.0",
+    "sniffio==1.3.1",
+    "sqlalchemy==2.0.40",
+    "starlette==0.46.2",
+    "typing-extensions==4.13.2",
+    "typing-inspection==0.4.0",
+    "urllib3==2.4.0",
+    "uvicorn==0.34.1",
+    "pytest>=7.0",
+    "pytest-asyncio>=0.20",
+    "httpx>=0.24",
+    "pytest-cov>=4.0",
+    "coverage>=6.0",
+    "asyncpg==0.30.0",
+    "pytest-mock>=3.10,<4.0",
+]
 
 [build-system]
 requires = [ "setuptools>=42", "wheel",]

diff --git a/src/domain/lib/security.py b/src/domain/lib/security.py
@@ -1,4 +1,5 @@
 from passlib.context import CryptContext
+from passlib.exc import UnknownHashError
 from src.domain.ports.password_hasher import PasswordHasher
 
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
@@ -8,4 +9,7 @@ def hash(self, plain: str) -> str:
         return pwd_context.hash(plain)
 
     def verify(self, plain: str, hashed: str) -> bool:
-        return pwd_context.verify(plain, hashed)
+        try:
+            return pwd_context.verify(plain, hashed)
+        except UnknownHashError:
+            return False
diff --git a/src/domain/tests/__init__.py b/src/domain/tests/__init__.py
diff --git a/src/domain/tests/test_bcrypt_password_hasher.py b/src/domain/tests/test_bcrypt_password_hasher.py
@@ -0,0 +1,144 @@
+import pytest
+import sys
+import os
+sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '../../..')))
+
+
+from src.domain.lib.security import BcryptPasswordHasher
+
+
+@pytest.fixture
+def password_hasher():
+    return BcryptPasswordHasher()
+
+
+def test_hash_password(password_hasher):
+    """Test que le hachage d'un mot de passe fonctionne"""
+    password = "test_password_123"
+
+    hashed = password_hasher.hash(password)
+
+    # Vérifier que le hash est généré et différent du mot de passe original
+    assert hashed is not None
+    assert hashed != password
+    assert len(hashed) > 0
+    # Bcrypt hashes commencent généralement par $2b$
+    assert hashed.startswith("$2b$")
+
+
+def test_hash_different_passwords_produce_different_hashes(password_hasher):
+    """Test que des mots de passe différents produisent des hashes différents"""
+    password1 = "password123"
+    password2 = "password456"
+
+    hash1 = password_hasher.hash(password1)
+    hash2 = password_hasher.hash(password2)
+
+    assert hash1 != hash2
+
+
+def test_hash_same_password_produces_different_salts(password_hasher):
+    """Test que le même mot de passe produit des hashes différents (à cause du salt)"""
+    password = "same_password"
+
+    hash1 = password_hasher.hash(password)
+    hash2 = password_hasher.hash(password)
+
+    # Les hashes doivent être différents à cause du salt aléatoire
+    assert hash1 != hash2
+
+
+def test_verify_correct_password(password_hasher):
+    """Test que la vérification d'un mot de passe correct fonctionne"""
+    password = "correct_password"
+
+    hashed = password_hasher.hash(password)
+    result = password_hasher.verify(password, hashed)
+
+    assert result is True
+
+
+def test_verify_incorrect_password(password_hasher):
+    """Test que la vérification d'un mot de passe incorrect échoue"""
+    correct_password = "correct_password"
+    wrong_password = "wrong_password"
+
+    hashed = password_hasher.hash(correct_password)
+    result = password_hasher.verify(wrong_password, hashed)
+
+    assert result is False
+
+
+def test_verify_empty_password(password_hasher):
+    """Test que la vérification avec un mot de passe vide échoue"""
+    password = "non_empty_password"
+
+    hashed = password_hasher.hash(password)
+    result = password_hasher.verify("", hashed)
+
+    assert result is False
+
+
+def test_verify_with_invalid_hash(password_hasher):
+    """Test que la vérification avec un hash invalide retourne False au lieu de lever une exception"""
+    password = "test_password"
+    invalid_hash = "invalid_hash_string"
+
+    # Au lieu de lever une exception, on s'attend à ce que verify retourne False
+    result = password_hasher.verify(password, invalid_hash)
+
+    assert result is False
+
+
+def test_hash_empty_string(password_hasher):
+    """Test que le hachage d'une chaîne vide fonctionne"""
+    empty_password = ""
+
+    hashed = password_hasher.hash(empty_password)
+
+    assert hashed is not None
+    assert len(hashed) > 0
+    assert hashed.startswith("$2b$")
+
+
+def test_verify_empty_string_with_its_hash(password_hasher):
+    """Test que la vérification d'une chaîne vide avec son propre hash fonctionne"""
+    empty_password = ""
+
+    hashed = password_hasher.hash(empty_password)
+    result = password_hasher.verify(empty_password, hashed)
+
+    assert result is True
+
+
+def test_hash_special_characters(password_hasher):
+    """Test que le hachage de caractères spéciaux fonctionne"""
+    special_password = "pàssw0rd!@#$%^&*()_+-=[]{}|;':\",./<>?"
+
+    hashed = password_hasher.hash(special_password)
+    result = password_hasher.verify(special_password, hashed)
+
+    assert hashed is not None
+    assert result is True
+
+
+def test_hash_unicode_characters(password_hasher):
+    """Test que le hachage de caractères Unicode fonctionne"""
+    unicode_password = "пароль123🔒"
+
+    hashed = password_hasher.hash(unicode_password)
+    result = password_hasher.verify(unicode_password, hashed)
+
+    assert hashed is not None
+    assert result is True
+
+
+def test_hash_long_password(password_hasher):
+    """Test que le hachage d'un mot de passe très long fonctionne"""
+    long_password = "a" * 1000  # Mot de passe de 1000 caractères
+
+    hashed = password_hasher.hash(long_password)
+    result = password_hasher.verify(long_password, hashed)
+
+    assert hashed is not None
+    assert result is True