Initial commit

tests/test_auth.py

@@ -0,0 +1,25 @@
+import pytest
+from fastapi import HTTPException
+from fastapi.security import HTTPBasicCredentials
+
+from app.auth import require_dashboard_auth
+from app.config import Settings
+
+
+def test_dashboard_auth_fails_closed_when_credentials_are_missing(monkeypatch):
+    monkeypatch.delenv("DASHBOARD_USERNAME", raising=False)
+    monkeypatch.delenv("DASHBOARD_PASSWORD", raising=False)
+    settings = Settings.model_validate({"inboxes": [], "alerts": {"email": {"enabled": False}}})
+
+    with pytest.raises(HTTPException) as exc:
+        require_dashboard_auth(HTTPBasicCredentials(username="", password=""), settings)
+
+    assert exc.value.status_code == 500
+
+
+def test_dashboard_auth_accepts_configured_credentials(monkeypatch):
+    monkeypatch.setenv("DASHBOARD_USERNAME", "admin")
+    monkeypatch.setenv("DASHBOARD_PASSWORD", "secret")
+    settings = Settings.model_validate({"inboxes": [], "alerts": {"email": {"enabled": False}}})
+
+    require_dashboard_auth(HTTPBasicCredentials(username="admin", password="secret"), settings)