"""Tests for auth middleware — TDD: tests before implementation."""

import pytest
from i2p_apps.console.auth import check_password, generate_password_hash


class TestPasswordAuth:
    def test_hash_generation(self):
        h = generate_password_hash("secret")
        assert h is not None
        assert len(h) > 0
        assert h != "secret"

    def test_check_correct_password(self):
        h = generate_password_hash("mypassword")
        assert check_password("mypassword", h) is True

    def test_check_wrong_password(self):
        h = generate_password_hash("mypassword")
        assert check_password("wrong", h) is False

    def test_different_passwords_different_hashes(self):
        h1 = generate_password_hash("pass1")
        h2 = generate_password_hash("pass2")
        assert h1 != h2